Application Security London - Vulnerability Research

Multiple vulnerabilities in cPanel/WHM

Intro

cPanel is a web hosting control panel software developed by cPanel, LLC. It provides a graphical interface (GUI) and automation tools designed to simplify the process of hosting a website for the website owner or the “end user”. It enables administration through a standard web browser using a three-tier structure. While cPanel is

Joomla password reset vulnerability and a stored XSS for full compromise

Intro

Joomla is one of the most popular CMSes, with over 1.5 million installations worldwide. We pentested Joomla 3.9.24 and found a password reset vulnerability, which we chained with a set of vulnerabilities and features to achieve full compromise of the underlying server. Joomla has a strong OOP architecture and a large codebase. Strong input validation