Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
1338Riding The Inforail To Exploit Ivanti Avalanche RCE Insecure deserialization Race condition Authentication bypass Ivanti Piotr Bazydło (@chudyPB) Bug Bounty2022-07-192023-06-13
1100Riding The Inforail To Exploit Ivanti Avalanche Part 2 RCE Insecure deserialization Path traversal Authentication bypass Unrestricted file upload Arbitrary file write Arbitrary file read Ivanti Piotr Bazydło (@chudyPB) Bug Bounty2021-09-082023-06-13
884Vulnerabilities In Apache Batik Default Security Controls – SSRF And RCE Through Remote Class Loading SSRF RCE Apache Batik Piotr Bazydło (@chudypb) Bug Bounty2022-10-312023-06-13
823Control Your Types Or Get Pwned: Remote Code Execution In Exchange Powershell Backend RCE Windows Checkmk Piotr Bazydło (@chudyPB) Bug Bounty2022-11-162023-06-13
479Pwn2Owning Two Hosts At The Same Time: Abusing Inductive Automation Ignition’s Custom Deserialization Insecure deserialization RCE Security code review Inductive Automation Ignition Piotr Bazydło (@chudyPB) Bug Bounty2023-02-082023-06-13
378CVE-2022-38108: RCE In Solarwinds Network Performance Monitor Insecure deserialization RCE Security code review SolarWinds Piotr Bazydło (@chudyPB) Bug Bounty2023-02-282023-06-13