During a recent penetration test I came across a web application, VideoInsight WebClient 5. There was no known vulnerability for this specific version but I was able to discover and utilize a SQLi vulnerability to gain remote code execution.
Recently I have been working through the Offensive Security Cracking the Perimeter course. To practice some of the concepts I decided to take a look at some known vulnerable applications. My goal was to find a vulnerability and get RCE without looking at the known vulnerabilities or exploits. This led me to Simple Web Server.