Sonar Blog

Home

Sonar's latest blog posts

Featured Post

Building Confidence and Trust in AI-Generated Code

To tackle the accountability and ownership challenge accompanying AI-generated code, we are introducing Sonar AI Code Assurance

Read More
AI generated code is detected in project
Image for SuiteCRM 7.11.4 - Breaking Into Your Internal Network
Blog post

SuiteCRM 7.11.4 - Breaking Into Your Internal Network

In this blog post we will see how a vulnerable web application deployed in the internal network of your company can act as a charming entry gateway for any adversary.

Read Blog post >

Image for Pre-Auth Takeover of OXID eShops
Blog post

Pre-Auth Takeover of OXID eShops

We detected a highly critical vulnerability in the OXID eShop software that allows unauthenticated attackers to takeover an eShop remotely in less than a few seconds - all on default configurations.

Read Blog post >

Get new blogs delivered directly to your inbox!

Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.

I do not wish to receive promotional emails about upcoming SonarQube updates, new releases, news and events.

By submitting this form, you agree to the storing and processing of your personal data as described in the Privacy Policy and Cookie Policy. You can withdraw your consent by unsubscribing at any time.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

In this technical blog post we examine a critical vulnerability in the core of the TYPO3 CMS (CVE-2019-12747). A reliable exploit allows the execution of arbitrary PHP code on the underly...
Blog post

TYPO3 9.5.7: Overriding the Database to Execute Code

In this technical blog post we examine a critical vulnerability in the core of the TYPO3 CMS (CVE-2019-12747). A reliable exploit allows the execution of arbitrary PHP code on the underlying system as authenticated user.

Read Blog post >

This blog post shows how the combination of a HTML sanitizer bug and a Phar Deserialization in the popular eCommerce solution Magento <=2.3.1 lead to a high severe exploit chain. This cha...
Blog post

Magento 2.3.1: Unauthenticated Stored XSS to RCE

This blog post shows how the combination of a HTML sanitizer bug and a Phar Deserialization in the popular eCommerce solution Magento <=2.3.1 lead to a high severe exploit chain. This chain can be abused by an unauthenticated attacker to fully takeover certain Magento stores and to redirect payments.

Read Blog post >

In this blog post we will show how to exploit a SQL injection vulnerability (CVE-2019-12872) found by RIPS Code Analysis in the popular java-based content management system dotCMS and how...
Blog post

dotCMS 5.1.5: Exploiting H2 SQL injection to RCE

In this blog post we will show how to exploit a SQL injection vulnerability (CVE-2019-12872) found by RIPS Code Analysis in the popular java-based content management system dotCMS and how we escalated it to execute code remotely.

Read Blog post >

This blog post shows how an attacker can take over any board hosted with MyBB prior to version 1.8.21 by sending a malicious private message to an administrator or by creating a malicious...
Blog post

MyBB <= 1.8.20: From Stored XSS to RCE

This blog post shows how an attacker can take over any board hosted with MyBB prior to version 1.8.21 by sending a malicious private message to an administrator or by creating a malicious post. We use a chain of two security vulnerabilities detected in the code.

Read Blog post >

Archives such as Zip, Tar, Jar or 7z are useful formats to collect and compress multiple files or directories in a container-like structure. However, the extraction of archives can introd...
Blog post

The Hidden Flaws of Archives in Java

Archives such as Zip, Tar, Jar or 7z are useful formats to collect and compress multiple files or directories in a container-like structure. However, the extraction of archives can introduce security risks which resulted in multiple critical vulnerabilities in popular applications in the past. In this post we explain the risk behind archive extraction and show how to securely extract archives in Java.

Read Blog post >

Image shows various elements of code security, languages and bugs
Blog post

The NeverEnding Story of writing a rule for argument passing in C++

Here is a story of a rule, from concept to production. While the selected rule is for C++, this story contains interesting insight on the craft of rule development, no matter the target language.

Read Blog post >

Image for Dependency hell: a complete guide
Blog post

Dependency hell: a complete guide

At a recent meetup, a few of us developers got into a discussion about "dependency hell"—the condition when one or more pieces of software need two or more conflicting dependencies (usually transitive ones) installed in the same environment.

Read article >

Image for Developers spend 30% of their time on code maintenance: our latest survey results, part 3
Blog post

Developers spend 30% of their time on code maintenance: our latest survey results, part 3

In our latest survey, which we ran in November and December of last year, we set out to answer some of the follow-up questions that arose after we analyzed the earlier results. Nearly 300 developers responded to our survey, which dives deeper into how professional developers use open source today.

Read article >

This blog post reveals another critical exploit chain for WordPress 5.1 that enables an unauthenticated attacker to gain remote code execution (CVE-2019-9787).
Blog post

WordPress 5.1 CSRF to Remote Code Execution

This blog post reveals another critical exploit chain for WordPress 5.1 that enables an unauthenticated attacker to gain remote code execution (CVE-2019-9787).

Read Blog post >