Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 5280 | PayPal Bug Bounty: PayPaltech.com XSS | XSS | Paypal | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2013-04-13 | 2023-06-13 |
| 5270 | PayPal Bug Bounty: PayPaltech.com E-Mail Injection | Email injection | Paypal | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2013-09-26 | 2023-06-13 |
| 5248 | Magix Bug Bounty: magix.com (RCE, SQLi) and xara.com (LFI, XSS) | RCE, SQL injection, LFI, XSS | Magix | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2014-04-26 | 2023-06-13 |
| 5234 | Google Bug Bounty: Nice Catch on Google Cloud Platform Live | Reflected XSS | Google | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2014-11-20 | 2023-06-13 |
| 5211 | CVE-2014-7216: A Journey Through Yahoo’s Bug Bounty Program | Buffer Overflow, Memory corruption | Yahoo! / Verizon Media | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2015-09-03 | 2023-06-13 |
| 5193 | Ubiquiti Bug Bounty: UniFi v3.2.10 Generic CSRF Protection Bypass | CSRF | Ubiquity Networks | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2016-02-23 | 2023-06-13 |
| 5093 | Ok Google, Give Me All Your Internal DNS Information! | SSRF | Google | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2017-03-01 | 2023-06-13 |
| 4999 | Upgrade from LFI to RCE via PHP Sessions | LFI, RCE | NA | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2017-08-28 | 2023-06-13 |
| 4210 | Dell KACE K1000 Remote Code Execution — the Story of Bug K1–18652 | RCE | Dropbox | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2019-04-09 | 2023-06-13 |
| 4085 | About a Sucuri RCE...and How Not to Handle Bug Bounty Reports | RCE | Sucuri | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2019-06-20 | 2023-06-13 |
| 3931 | H1-4420: From Quiz to Admin - Chaining Two 0-Days to Compromise An Uber Wordpress | Stored XSS, SQL injection | Uber | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2019-09-10 | 2023-06-13 |
| 3034 | Smuggling an (Un)exploitable XSS | HTTP Request Smuggling, XSS | NA | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2020-11-13 | 2023-06-13 |
| 1328 | WordPress Transposh: Exploiting a Blind SQL Injection via XSS - RCE Security | SQL injection, XSS, Account takeover | WordPress | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2022-07-22 | 2023-06-13 |
| 784 | From Zero to Hero Part 1: Bypassing Intel DCM’s Authentication by Spoofing Kerberos and LDAP Responses (CVE-2022-33942) | Authentication bypass, Kerberos, RCE, Privilege escalation, Security code review | Intel | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2022-11-23 | 2023-06-13 |
| 746 | From Zero to Hero Part 2: From SQL Injection to RCE on Intel DCM (CVE-2022-21225) | SQL injection, Kerberos, RCE, Privilege escalation, Security code review | Intel | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2022-12-01 | 2023-06-13 |
| 207 | SecurePwn Part 1: Bypassing SecurePoint UTM’s Authentication (CVE-2023-22620) | Authentication bypass | SecurePoint | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2023-04-11 | 2023-06-13 |
| 203 | SecurePwn Part 2: Leaking Remote Memory Contents (CVE-2023-22897) | Memory leak | SecurePoint | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2023-04-12 | 2023-06-13 |