
Monday, 8 January 2024

Postauth SQLi in AdvantechWeb/SCADA 9.1.5U

During some internal pentests performed a few weeks ago I found an SQL injection (postauth) bug in the "latest" AdvantechWeb/SCADA (9.1.5U). Below you'll find more details about it. Here we go...

Saturday, 6 January 2024

Healthy PostAuth RCE in FortiADC 7.4.0

A few weeks ago, when I was playing a bit with Fortigate machines, I decided to check FortiADC VM (downloaded here). After a while I found an interesting "feature" that can be used to achieve ('limited' AFAIK ;)) postauth RCE. Below you'll find a few notes about it. Here we go...