File-upload-vulnerbility

Published on
February 6, 2025
FlagYard - Web - Glide
Path-Traversal SSTI WEB Exploitation RCE File-Upload-Vulnerbility Extract-Vulnerbility
Exploiting path traversal in a tar file extraction process to overwrite a rendered template, leading to Server-Side Template Injection (SSTI) and ultimately achieving Remote Code Execution (RCE)

FlagYard - Web - Glide