Blog

  • Multiple Concrete CMS vulnerabilities ( part1 – RCE )
INTRO Concrete CMS is designed for ease of use, for users with a minimum of technical skills. It enables users to edit site content directly from the page. It provides version management for every page, similar to wiki software, another type of web site development software. Concrete5 allows users to edit images through an embedded editor on the
  • Independently secure, together not so much – a story of 2 WP plugins
    Intro Recently we had to do a security assessment on a WordPress website. Obviously when dealing with a WordPress installation the best option is to always target the plugins. We’ve quickly enumerated the plugins using WPScan and then we recreated this setup in our local environment for easier testing & debugging. We found 2 interesting
  • Multiple vulnerabilities in cPanel/WHM
    Intro cPanel is a web hosting control panel software developed by cPanel, LLC. It provides a graphical interface (GUI) and automation tools designed to simplify the process of hosting a web site to the website owner or the “end user”. It enables administration through a standard web browser using a three-tier structure. While cPanel is
  • Fortbridge receives CREST accreditation for Penetration Testing services
    We are pleased to announce that Fortbridge is now a CREST accredited Penetration Testing Provider. Our dedicated team has experience in a wide range of industries, having worked previously in top tech companies in the UK/EU & US, focusing on application security and cloud security, both from an offensive as well as defensive perspective. About us Fortbridge
  • Drupal insecure default leads to password reset poisoning
    What is Drupal? Drupal is a free and open-source web content management framework written in PHP. Drupal provides a back-end framework for at least 13% of the top 10,000 websites worldwide – ranging from personal blogs to corporate, political, and government sites according to Wikipedia. For this test we used the latest version of Drupal with
  • Joomla password reset vulnerability and a stored XSS for full compromise
Intro Joomla is one of the most popular CMSes with over 1.5 million installations world-wide. We pentested Joomla 3.9.24 and found a password reset vulnerability which we chained with a set of vulnerabilities and features to achieve full compromise of the underlying server. Joomla has a strong OOP architecture and a large codebase. Strong input validation