Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
5266LFI in Nokia maps LFI Nokia Shashank (@cyberboyIndia) Bug Bounty2013-10-222023-06-13
5256Google Sites: A Tale of Five Vulnerabilities XSS LFI HTML injection Google Bitquark (@bitquark) Bug Bounty2013-12-302023-06-13
5248Magix Bug Bounty: magix.com (RCE, SQLi) and xara.com (LFI, XSS) RCE SQL injection LFI XSS Magix Julien Ahrens (@MrTuxracer) Bug Bounty2014-04-262023-06-13
5233Reading local files from Facebook%27s server (fixed) LFI Unrestricted file upload Meta / Facebook Josip Franjkovic (@josipfranjkovic) Bug Bounty2014-12-062023-06-13
5192Hacking Magento eCommerce For Fun And 17.000 USD Information disclosure LFI RFI Adobe Egidio Romano / EgiX Bug Bounty2016-03-032023-06-13
5075Hacking the NHS for Fun and No Profit SQL injection LFI NHS Nathan (@NathOnSecurity) Bug Bounty2017-05-222023-06-13
5048Escalating XSS in PhantomJS Image Rendering to SSRF/Local-File Read XSS SSRF LFI NA Brett Buerhaus (@bbuerhaus) Bug Bounty2017-06-292023-06-13
5002Secure Your Jenkins Instance Or Hackers Will Force You To! (Snapchat’s $5,000 Vulnerability) RCE LFI Exposed Jenkins instance Snapchat Ben Sadeghipour (@nahamsec) Bug Bounty2017-08-222023-06-13
4999Upgrade from LFI to RCE via PHP Sessions LFI RCE NA Julien Ahrens (@MrTuxracer) Bug Bounty2017-08-282023-06-13
4941Local File Read via XSS in Dynamically Generated PDF XSS LFI NA Rahul Maini (@iamnoooob) Bug Bounty2017-11-082023-06-13
4921LFI to Command Execution: Deutche Telekom Bug Bounty LFI RCE Deutche Telekom Daniel Maksimovic Bug Bounty2017-11-302023-06-13
4912LFI to 10 servers pwn LFI RCE NA Nirmal Dahal (@TheNittam) Bug Bounty2017-12-192023-06-13
4882No RCE? Then SSH to the box! LFI Path traversal RCE NA Jasmin Laundry (@JR0ch17) Bug Bounty2018-01-252023-06-13
4791#BugBounty — "Journey from LFI to RCE!!!"-How I was able to get the same in one of the India’s popular property buy/sell company. LFI RCE NA Avinash Jain (@logicbomb_1) Bug Bounty2018-04-192023-06-13
4786How we got LFI in apache Drill (Recon like a boss) LFI NA gujjuboy10x00 (@vis_hacker) Bug Bounty2018-04-232023-06-13
4750How I got hall of fame in two fortune 500 companies — An RCE story… RCE NA Alfie (@emenalf) Bug Bounty2018-05-292023-06-13
4580Chain The Bugs to Pwn an Organisation ( LFI + Unrestricted File Upload = Remote Code Execution ) LFI Unrestricted file upload RCE NA Armaan Pathan (@armaancrockroax) Bug Bounty2018-09-182023-06-13
4576Local file inclusion at IKEA.com LFI Ikea Jonathan Bouman (@JonathanBouman) Bug Bounty2018-09-192023-06-13
4565Arbitrary File Read in one of the largest CRMs LFI NA Richard Clifford (@MantisSTS) Bug Bounty2018-09-262023-06-13
4492Evernote For Windows Read Local File and Command Execute Vulnerabilities Stored XSS LFI RCE Evernote TongQing Zhu Bug Bounty2018-11-052023-06-13
4457Exploiting SSRF like a Boss — Escalation of an SSRF to Local File Read! SSRF LFI NA Zain Sabahat (@Zain_Sabahat) Bug Bounty2018-11-222023-06-13
4411Remote Code Execution on a Facebook server LFI RCE CSRF phpMyAdmin Daniel Le Gall (@Blaklis_) Bug Bounty2018-12-142023-06-13
4365Abusing MySQL clients to get LFI from the server/client LFI NA Jarkko Vesiluoma (@jvesiluoma) Bug Bounty2019-01-152023-06-13
4342Magento – RCE & Local File Read with low privilege admin rights LFI RCE Path traversal Magento Daniel Le Gall (@Blaklis_) Bug Bounty2019-01-242023-06-13
4327LFI in Apigee portals LFI Google wtm@offensi.com (@wtm_offensi) Bug Bounty2019-01-312023-06-13