2 matches found
Annotation tool: token forgery using jwt secret to claim super admin role
Although the annotator tool's source code is not directly provided in the repository, a docker image is provided. From there it is easy to get access to the source code by either extracting the docker tar image, which can be exported from docker itself, or connecting to the container with an...
ExpressionEngine: Full path + some back-end code disclosure
Hello, Ironically enough, I just discovered a full path disclosure issue. When an admin edits their personal information, a request like the following gets sent: POST /ee/admin.php?/cp/members/profile/settings&id=1 HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0...