picussecurity.com

5 curated AppSec resources from picussecurity.com across 4 topics on appsec.fyi.

Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-04-19.

Date added: 2026-04-19
Resource: Oracle EBS CVE-2025-61882: Pre-auth SSRF Leads to RCE (2026)
Topic: SSRF
Excerpt: Writeup detailing Oracle EBS CVE-2025-61882, a critical pre-authentication RCE vulnerability affecting versions 12.2.3 through 12.2.14. The exploit chain combines Server-Side Request Forgery (SSRF), CRLF injection, path traversal, an authentication bypass, and unsafe XSLT processing: the SSRF and CRLF injection reach internal services, and a malicious XSL stylesheet then yields unauthenticated code execution. The vulnerability has been actively exploited by groups such as Cl0p.

Date added: 2026-04-11
Resource: CVE-2025-59718: FortiCloud SSO Authentication Bypass (2026)
Topic: AuthN
Excerpt: Writeup of CVE-2025-59718, a critical authentication bypass in FortiCloud SSO. This Improper Verification of Cryptographic Signature (CWE-347) vulnerability allows unauthenticated remote attackers to gain administrative access by submitting a crafted SAML packet to the `/remote/saml/login` endpoint. The flaw affects multiple Fortinet products, including FortiOS and FortiProxy.

Date added: 2026-04-10
Resource: WAF Bypass Using JSON-Based SQL Injection Attacks (2026)
Topic: SQLi
Excerpt: Library entry detailing a WAF bypass technique using JSON-based SQL injection, building on research that found major vendors such as Palo Alto Networks, AWS, Cloudflare, F5, and Imperva did not properly inspect JSON payloads. The technique relies on the JSON syntax support of databases such as PostgreSQL and MySQL: SQL injection written with JSON functions and operators is still valid SQL to the database but does not match the signatures many Web Application Firewalls use.

Date added: 2026-04-10
Resource: CVE-2025-59287: WSUS Unauthenticated RCE Vulnerability (2026)
Topic: RCE
Excerpt: Writeup detailing CVE-2025-59287, a critical (CVSS 9.8) unauthenticated RCE vulnerability in Windows Server Update Services (WSUS). The flaw stems from unsafe deserialization via .NET BinaryFormatter in the WSUS reporting web services, allowing attackers to execute arbitrary code with SYSTEM privileges. Exploitation involves crafted SOAP requests to the GetCookie endpoint carrying an encrypted gadget-chain payload. Microsoft has released an out-of-band update, and active exploitation has been observed in the wild.

Date added: 2026-04-06
Resource: WAF Testing Guide: How to Validate Web Application Firewalls (2026)
Topic: SQLi
Excerpt: Guide to validating Web Application Firewalls (WAFs) using Breach and Attack Simulation (BAS). The approach continuously tests WAF efficacy against real-world attack payloads, including obfuscated SQL injection, XSS, RCE, and SSRF variants, as well as protocol-level gaps such as differences between HTTP and HTTPS inspection. Agent-based BAS gives deterministic validation by isolating WAF behavior, producing accurate prevention rates, detection rates, and mitigation-gap metrics without putting production environments at risk.
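The Oracle EBS entry above describes chaining SSRF with CRLF injection to reach internal services. The following Python block is an added example, not code from the Picus writeup or from appsec.fyi, and it does not reproduce any EBS endpoint or payload: it shows the generic primitive, a server-side request builder that concatenates caller-controlled input into a raw HTTP request, beside a hardened builder. The back-end hostname, the `/proxy/` route and the `/admin/internal` path are hypothetical, and the smuggled input is constructed for the example.

```python
"""Added example, not from the Picus writeup: CRLF injection in a
server-side request builder, the primitive an SSRF chain uses to reach
internal services.  The hostname and admin path are hypothetical."""
import re
from urllib.parse import quote

INTERNAL_HOST = "internal.example"   # hypothetical back-end reached via SSRF


def build_request_vulnerable(path: str) -> bytes:
    """Builds a raw HTTP/1.1 request by concatenation.

    CR/LF in `path` reach the wire unescaped, so an attacker can end the
    request line, inject headers, or append a whole second request that
    the internal service processes as its own.
    """
    return (
        f"GET /proxy/{path} HTTP/1.1\r\n"
        f"Host: {INTERNAL_HOST}\r\n"
        "Connection: keep-alive\r\n\r\n"
    ).encode()


def build_request_hardened(path: str) -> bytes:
    """Same request with the caller-controlled segment validated and encoded.

    Control characters and '..' segments are rejected outright; everything
    else is percent-encoded (including '%', so a pre-encoded %0d%0a cannot
    be decoded into a delimiter downstream).
    """
    if re.search(r"[\r\n\x00]", path):
        raise ValueError("control character in path")
    if ".." in path.split("/"):
        raise ValueError("path traversal segment")
    return (
        f"GET /proxy/{quote(path, safe='/')} HTTP/1.1\r\n"
        f"Host: {INTERNAL_HOST}\r\n"
        "Connection: keep-alive\r\n\r\n"
    ).encode()


def count_requests(raw: bytes) -> int:
    """Number of request lines an HTTP/1.1 parser would see in `raw`."""
    return len(re.findall(rb"^(?:GET|POST) \S+ HTTP/1\.[01]\r\n", raw, re.M))


def hardened_rejects(path: str) -> bool:
    """True if the hardened builder refuses `path`."""
    try:
        build_request_hardened(path)
    except ValueError:
        return True
    return False


# Constructed attacker input: closes the proxied GET, then smuggles a POST to an
# internal admin endpoint (hypothetical path) on the same keep-alive connection.
SMUGGLE = (
    f"x HTTP/1.1\r\nHost: {INTERNAL_HOST}\r\n\r\n"
    f"POST /admin/internal HTTP/1.1\r\nHost: {INTERNAL_HOST}\r\nContent-Length: 0\r\n\r\n"
)

if __name__ == "__main__":
    print(count_requests(build_request_vulnerable(SMUGGLE)), "requests on the wire (vulnerable)")
    print(hardened_rejects(SMUGGLE), "rejected by hardened builder")
```

The vulnerable builder puts two request lines on the wire for the constructed input; the hardened one rejects it. Rejecting raw control characters is not enough on its own, which is why the safe builder also percent-encodes `%`: a caller who can submit `%0d%0a` to a component that URL-decodes before forwarding gets the same delimiter back.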
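The JSON-based SQL injection entry and the WAF testing guide above describe the same loop from two sides: payloads written with JSON operators evade signature rules, and a BAS run measures how many payloads a WAF actually stops. The following Python block is an added example, not code from either Picus resource or from appsec.fyi. It uses a deliberately naive regex rule set as a stand-in for a WAF (real vendor rules are far broader), a constructed payload corpus, and the in-memory SQLite engine to confirm that the MySQL-style `JSON_EXTRACT` predicate is a genuine tautology; SQLite shares that function's signature, so no database server is needed. The PostgreSQL `::jsonb @>` payload is shown for the detection side only, since SQLite cannot evaluate it.

```python
"""Added example, not from the Picus library entry or guide: a toy
signature WAF, the JSON-syntax injections that slip past it, and the
prevention-rate arithmetic of a BAS-style validation run.  The rules and
payload corpus are constructed for this example."""
import re
import sqlite3

# Naive signature set: classic tautology and UNION patterns only.  A stand-in
# for rule sets that the cited research found blind to JSON syntax.
NAIVE_RULES = [
    re.compile(r"\bor\b\s+['\"]?\w+['\"]?\s*=\s*['\"]?\w+", re.I),   # ' OR 1=1, OR 'a'='a
    re.compile(r"\bunion\b(\s+all)?\s+select\b", re.I),
]

# Signatures for JSON functions and operators in MySQL and PostgreSQL, the
# kind of coverage vendors added after the research; reduced to regexes here.
JSON_RULES = [
    re.compile(r"\bjson_(extract|contains|value|search)\s*\(", re.I),
    re.compile(r"->>|->|@>|<@|::jsonb?\b", re.I),
]

# Constructed payload corpus: the fragment injected into a quoted string
# literal, trailing comment terminators omitted.
PAYLOADS = {
    "classic_tautology": "' OR 1=1",
    "classic_string":    "' OR 'a'='a",
    "classic_union":     "' UNION SELECT 1,2",
    "mysql_json":        "' OR JSON_EXTRACT('{\"a\":1}','$.a')=1",
    "postgres_json":     "' OR '{\"a\":1}'::jsonb @> '{\"a\":1}'",
}


def blocked(rules, payload: str) -> bool:
    """True if any signature matches, i.e. the toy WAF would block the request."""
    return any(r.search(payload) for r in rules)


def validate_waf(rules, payloads=PAYLOADS) -> dict:
    """BAS-style scoring: replay every payload, report prevention rate and gaps."""
    bypassed = [name for name, p in payloads.items() if not blocked(rules, p)]
    prevented = len(payloads) - len(bypassed)
    return {
        "prevented": prevented,
        "bypassed": bypassed,
        "prevention_rate": prevented / len(payloads),
    }


def predicate_is_true(where_clause: str):
    """Evaluates a WHERE predicate on an in-memory SQLite database.

    SQLite's json_extract(doc, path) matches MySQL's, so the MySQL-style
    payload can be checked offline; the PostgreSQL operator syntax cannot.
    Returns True/False, or None if this SQLite build has no JSON support.
    """
    try:
        row = sqlite3.connect(":memory:").execute(f"SELECT 1 WHERE {where_clause}").fetchone()
    except sqlite3.OperationalError:
        return None
    return row is not None


if __name__ == "__main__":
    print("naive rules:   ", validate_waf(NAIVE_RULES))
    print("with JSON rules:", validate_waf(NAIVE_RULES + JSON_RULES))
    print("JSON_EXTRACT tautology evaluates true:",
          predicate_is_true("JSON_EXTRACT('{\"a\":1}','$.a')=1"))
```

Against the naive rules the two JSON payloads are the mitigation gap the BAS report would list, giving a 60% prevention rate on this corpus; adding the JSON signatures closes it. The `predicate_is_true` check is the reason the bypass matters: the database accepts the JSON form as an ordinary always-true predicate, so the WAF is the only control that was fooled.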