| 5002 | Secure Your Jenkins Instance Or Hackers Will Force You To! (Snapchat’s $5,000 Vulnerability) |
RCE
LFI
Exposed Jenkins instance |
Snapchat |
Ben Sadeghipour (@nahamsec) |
Bug Bounty | 2017-08-22 | 2023-06-13 |
| 4890 | My Research on Misconfigured Jenkins Servers |
Information disclosure
Missing authentication
Exposed Jenkins instance |
Google
Tesco
Pearson
News Uk |
Mikail Tunç (@emtunc) |
Bug Bounty | 2018-01-18 | 2023-06-13 |
| 4604 | RCE Unsecure Jenkins Instance | Bug Bounty POC |
RCE
Exposed Jenkins instance |
NA |
Muhammad Khizer Javed (@khizer_javed47) |
Bug Bounty | 2018-09-07 | 2023-06-13 |
| 4563 | #BugBounty — From finding Jenkins instance to Command Execution.Secure your Jenkins Instance! |
RCE
Exposed Jenkins instance |
NA |
Avinash Jain (@logicbomb_1) |
Bug Bounty | 2018-09-27 | 2023-06-13 |
| 4049 | Story of my Biggest Bounty ever : Command Execution on Jenkins |
RCE
Exposed Jenkins instance |
NA |
Jay Jani (@JayJani007) |
Bug Bounty | 2019-07-11 | 2023-06-13 |
| 3942 | Exposed Jenkins to RCE on 8 Adobe Experience Managers |
RCE
Exposed Jenkins instance |
NA |
Corben Leo (@hacker_) |
Bug Bounty | 2019-09-04 | 2023-06-13 |
| 1268 | From Shodan to RCE: That one time I hacked a Fortune 500 company. |
Missing authentication
Arbitrary file read
RCE
Exposed Jenkins instance |
NA |
vimanari_ (@vimanari_) |
Bug Bounty | 2022-08-08 | 2023-06-13 |
| 874 | Chaining Multiple Vulnerabilities Leads to Remote Code Execution (RCE) on One of the Payment Service Companies. |
Exposed registration page
Exposed Jenkins instance
Weak credentials
RCE |
NA |
Rohit Soni (@streetofhacker) |
Bug Bounty | 2022-11-02 | 2023-06-13 |
| 48 | The 30000$ Bounty Affair. |
RCE
Missing authentication
Exposed Jenkins instance |
NA |
Gokulsspace (@GokTest) |
Bug Bounty | 2023-05-28 | 2023-06-13 |
