Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
4366Gaining access to Uber%27s user data through AMPScript evaluation AMPScript injection Uber Shubham Shah (@infosec_au) Bug Bounty2019-01-142023-06-13
4242Discovering a zero day and getting code execution on Mozilla%27s AWS Network RCE Mozilla Shubham Shah (@infosec_au) Bug Bounty2019-03-192023-06-13
2442Taking over Uber accounts through voicemail Account takeover Voicemail hacking Uber Shubham Shah (@infosec_au) Bug Bounty2021-06-272023-06-13
2106Sitecore Experience Platform Pre-Auth RCE - CVE-2021-42237 RCE Insecure deserialization Security code review Sitecore Shubham Shah (@infosec_au) Bug Bounty2021-11-012023-06-13
1971Turning bad SSRF to good SSRF: Websphere Portal SSRF HCL Technologies Shubham Shah (@infosec_au) Bug Bounty2021-12-262023-06-13
1911Stealing administrative JWT%27s through post auth SSRF (CVE-2021-22056) SSRF CSRF VMware Shubham Shah (@infosec_au) Bug Bounty2022-01-172023-06-13
1582Hacking a Bank by Finding a 0day in DotCMS Directory traversal Unrestricted file upload RCE NA Shubham Shah (@infosec_au) Bug Bounty2022-05-032023-06-13
1486Chaining vulnerabilities to criticality in Progress WhatsUp Gold SSRF Local File Disclosure Information disclosure Progress (WhatsUp Gold) Shubham Shah (@infosec_au) Bug Bounty2022-06-092023-06-13
1428Abusing functionality to exploit a super SSRF in Jira Server (CVE-2022-26135) SSRF Atlassian Shubham Shah (@infosec_au) Bug Bounty2022-06-262023-06-13
887Exploiting Static Site Generators: When Static Is Not Actually Static SSRF XSS Security code review Netlify Gatsby Shubham Shah (@infosec_au) Bug Bounty2022-10-282023-06-13
153Finding XSS in a million websites (cPanel CVE-2023-29489) Reflected XSS Security code review cPanel Shubham Shah (@infosec_au) Bug Bounty2023-04-262023-06-13
143Exploiting an Order of Operations Bug to Achieve RCE in Oracle Opera RCE Unrestricted file upload Path traversal Security code review Oracle (Opera) Shubham Shah (@infosec_au) Bug Bounty2023-04-302023-06-13