Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 3881 | Finding SQL injections fast with white-box analysis — a recent bug example | SQL injection | Zoho | Florian Hauser (@frycos) | Bug Bounty | 2019-10-13 | 2023-06-13 |
| 3489 | Another Zoho ManageEngine Story | Authentication bypass | Zoho | Florian Hauser (@frycos) | Bug Bounty | 2020-05-11 | 2023-06-13 |
| 1922 | Searching for Deserialization Protection Bypasses in Microsoft Exchange (CVE-2022–21969) | Insecure deserialization | Microsoft | Florian Hauser (@frycos) | Bug Bounty | 2022-01-13 | 2023-06-13 |
| 1047 | Skype for Business Audit Part 1 - SKYPErsistence | Local Privilege Escalation, Windows, Security code review | Microsoft | Florian Hauser (@frycos) | Bug Bounty | 2022-09-22 | 2023-06-13 |
| 1030 | Skype for Business Audit Part 2 - SKYPErimeterleak | SSRF, Security code review | Microsoft | Florian Hauser (@frycos) | Bug Bounty | 2022-09-26 | 2023-06-13 |
| 740 | Pre-Auth RCE with CodeQL in Under 20 Minutes | Security code review, RCE, Command injection, Authorization flaw | pgAdmin | Florian Hauser (@frycos) | Bug Bounty | 2022-12-02 | 2023-06-13 |
| 549 | Using 0days to Protect the United Nations | RCE, Authentication bypass, Path traversal | United Nations | Florian Hauser (@frycos) | Bug Bounty | 2023-01-24 | 2023-06-13 |
| 493 | GoAnywhere MFT - A Forgotten Bug | Insecure deserialization, Security code review | Fortra (GoAnywhere) | Florian Hauser (@frycos) | Bug Bounty | 2023-02-06 | 2023-06-13 |
| 463 | XXE with Auto-Update in install4j | XXE, Security code review | Prosys OPC | Florian Hauser (@frycos) | Bug Bounty | 2023-02-12 | 2023-06-13 |
| 206 | Java Exploitation Restrictions in Modern JDK Times | Insecure deserialization | NA | Florian Hauser (@frycos) | Bug Bounty | 2023-04-11 | 2023-06-13 |