Research

We invest significant time in security research projects, honing and developing skills which allow our consultants to deliver the best possible results.

Take a look at our latest research projects below.

Reflected XSS Vulnerability – SoPlanning

Nour Alomary

XSS to Account Takeover – SoPlanning

Nour Alomary

Time-based Blind SQL Injection – SoPlanning

Nour Alomary

Boolean-based Blind SQL Injection – SoPlanning

Nour Alomary

Textpattern RCE | Pentest - Supporting Information Security Improvement

Leveraging XSS to get RCE in Textpattern 4.8.7

Paul Ritchie

Multiple Vulnerabilities in OpenCMS 11.0.2

Paul Ritchie & Sam Moore

Pentest Limited | Research | OpenCMS Clickjacking

Exploiting OpenCMS 11.0.2 using ClickJacking

Paul Ritchie

Pentest Limited | Research | OpenCMS XSS

Leveraging XSS to get RCE in OpenCMS 11.0.2

Paul Ritchie & Sam Moore

Pentest Limited | Information Security Consultancy

Authentication Bypass – Fedena School Management Software (CVE-2021-27980)

Paul Ritchie

Multiple Vulnerabilities in Fedena 2.3 School Management Software

Pentest

The (Remote) Road to Pwn2Own Tokyo 2020

Pentest

Drupal 8 Remote Code Execution by estimating installation time of site (CVE-2020-13664)

Lorenzo Grespan & Sam Thomas

Pentest Limited | Research | XSS WordPress Core

A subtle stored-XSS in WordPress core (CVE-2020-4046)

Sam Thomas

I Like to Watch – Hack-A-Sat CTF Challenge Solution

Dawid Golunski

Pentest Limited | Research | CVE-2020-7055

RCE in WordPress Elementor Plugin (CVE-2020-7055)

Sam Thomas & Kyle Fleming

How can we support you?

Contact our team today and find out how our services can help you obtain the information security assurance you need.

Research

Reflected XSS Vulnerability – SoPlanning

XSS to Account Takeover – SoPlanning

Time-based Blind SQL Injection – SoPlanning

Boolean-based Blind SQL Injection – SoPlanning

Leveraging XSS to get RCE in Textpattern 4.8.7

Multiple Vulnerabilities in OpenCMS 11.0.2

Exploiting OpenCMS 11.0.2 using ClickJacking

Leveraging XSS to get RCE in OpenCMS 11.0.2

Authentication Bypass – Fedena School Management Software (CVE-2021-27980)

Multiple Vulnerabilities in Fedena 2.3 School Management Software

The (Remote) Road to Pwn2Own Tokyo 2020

Drupal 8 Remote Code Execution by estimating installation time of site (CVE-2020-13664)

A subtle stored-XSS in WordPress core (CVE-2020-4046)

I Like to Watch – Hack-A-Sat CTF Challenge Solution

RCE in WordPress Elementor Plugin (CVE-2020-7055)

How can we support you?

/contact Us

/connect

/services

/about

/links