Write-ups
Check The Published Writeups
| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 3540 | CSRF to RCE bug chain in Prestashop v1.7.6.4 and below | RCE CSRF Stored XSS Unrestricted file upload | PrestaShop | Sivanesh Ashok (@sivaneshashok) | Bug Bounty | 2020-04-18 | 2023-06-13 |
| 3362 | Bypassing file upload filter by source code review in Bolt CMS | RCE Unrestricted file upload Path traversal Security code review | Bolt CMS | Sivanesh Ashok (@sivaneshashok) | Bug Bounty | 2020-06-27 | 2023-06-13 |
| 1549 | Stealing Google Drive OAuth tokens from Dropbox | CSRF SSRF Account takeover | Dropbox | Sivanesh Ashok (@sivaneshashok) | Bug Bounty | 2022-05-17 | 2023-06-13 |
| 596 | SSH key injection in Google Cloud Compute Engine [Google VRP] | OS command injection RCE | Sivanesh Ashok (@sivaneshashok) | Bug Bounty | 2023-01-12 | 2023-06-13 | |
| 594 | Bypassing authorization in Google Cloud Workstations [Google VRP] | Account takeover OAuth URL validation bypass | Sivanesh Ashok (@sivaneshashok) | Bug Bounty | 2023-01-13 | 2023-06-13 |