Yellow Badge
1959 Completed
11 Videos
7 Exercises
The yellow badge is our second set of exercises. It covers a wide range of web vulnerabilities to give people a view of the kinds of issues that can be found in web applications.
Exercises
Medium
PENTESTERLAB
CVE-2016-10033: PHPMailer RCE
- This exercise covers a remote code execution vulnerability in PHPMailer
- 1 video
- Completed by 3629 students
- Takes < 1 Hr. on average
- PHP
- CWE-77
Medium
CVE-2016-2098
- This exercise covers a remote code execution vulnerability in Ruby-on-Rails when using render on user-supplied data
- 1 video
- Completed by 3543 students
- Takes < 1 Hr. on average
- Rails
- CWE-20
Medium
Play Session Injection
- This exercise covers the exploitation of a session injection in the Play framework. This issue can be used to tamper with the content of the session while bypassing the signing mechanism
- 2 videos
- Completed by 2809 students
- Takes < 1 Hr. on average
- Java/Play
Medium
Play XML Entities
- This exercise covers the exploitation of XML entities in the Play framework
- 1 video
- Completed by 2188 students
- Takes 1-2 Hrs. on average
- Java/Play
Medium
Struts s2-045
- This exercise covers a Remote Code Execution in Struts 2.
- 1 video
- Completed by 2688 students
- Takes < 1 Hr. on average
- Tomcat/Struts