5266 | LFI in Nokia maps | LFI | Nokia | Shashank (@cyberboyIndia) | Bug Bounty | 2013-10-22 | 2023-06-13 |
5256 | Google Sites: A Tale of Five Vulnerabilities | XSS, LFI, HTML injection | Google | Bitquark (@bitquark) | Bug Bounty | 2013-12-30 | 2023-06-13 |
5248 | Magix Bug Bounty: magix.com (RCE, SQLi) and xara.com (LFI, XSS) | RCE, SQL injection, LFI, XSS | Magix | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2014-04-26 | 2023-06-13 |
5233 | Reading local files from Facebook's server (fixed) | LFI, Unrestricted file upload | Meta / Facebook | Josip Franjkovic (@josipfranjkovic) | Bug Bounty | 2014-12-06 | 2023-06-13 |
5192 | Hacking Magento eCommerce For Fun And 17.000 USD | Information disclosure, LFI, RFI | Adobe | Egidio Romano / EgiX | Bug Bounty | 2016-03-03 | 2023-06-13 |
5075 | Hacking the NHS for Fun and No Profit | SQL injection, LFI | NHS | Nathan (@NathOnSecurity) | Bug Bounty | 2017-05-22 | 2023-06-13 |
5048 | Escalating XSS in PhantomJS Image Rendering to SSRF/Local-File Read | XSS, SSRF, LFI | NA | Brett Buerhaus (@bbuerhaus) | Bug Bounty | 2017-06-29 | 2023-06-13 |
5002 | Secure Your Jenkins Instance Or Hackers Will Force You To! (Snapchat’s $5,000 Vulnerability) | RCE, LFI, Exposed Jenkins instance | Snapchat | Ben Sadeghipour (@nahamsec) | Bug Bounty | 2017-08-22 | 2023-06-13 |
4999 | Upgrade from LFI to RCE via PHP Sessions | LFI, RCE | NA | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2017-08-28 | 2023-06-13 |
4941 | Local File Read via XSS in Dynamically Generated PDF | XSS, LFI | NA | Rahul Maini (@iamnoooob) | Bug Bounty | 2017-11-08 | 2023-06-13 |
4921 | LFI to Command Execution: Deutche Telekom Bug Bounty | LFI, RCE | Deutsche Telekom | Daniel Maksimovic | Bug Bounty | 2017-11-30 | 2023-06-13 |
4912 | LFI to 10 servers pwn | LFI, RCE | NA | Nirmal Dahal (@TheNittam) | Bug Bounty | 2017-12-19 | 2023-06-13 |
4882 | No RCE? Then SSH to the box! | LFI, Path traversal, RCE | NA | Jasmin Laundry (@JR0ch17) | Bug Bounty | 2018-01-25 | 2023-06-13 |
4791 | #BugBounty — "Journey from LFI to RCE!!!"-How I was able to get the same in one of the India’s popular property buy/sell company. | LFI, RCE | NA | Avinash Jain (@logicbomb_1) | Bug Bounty | 2018-04-19 | 2023-06-13 |
4786 | How we got LFI in apache Drill (Recon like a boss) | LFI | NA | gujjuboy10x00 (@vis_hacker) | Bug Bounty | 2018-04-23 | 2023-06-13 |
4750 | How I got hall of fame in two fortune 500 companies — An RCE story… | RCE | NA | Alfie (@emenalf) | Bug Bounty | 2018-05-29 | 2023-06-13 |
4580 | Chain The Bugs to Pwn an Organisation ( LFI + Unrestricted File Upload = Remote Code Execution ) | LFI, Unrestricted file upload, RCE | NA | Armaan Pathan (@armaancrockroax) | Bug Bounty | 2018-09-18 | 2023-06-13 |
4576 | Local file inclusion at IKEA.com | LFI | Ikea | Jonathan Bouman (@JonathanBouman) | Bug Bounty | 2018-09-19 | 2023-06-13 |
4565 | Arbitrary File Read in one of the largest CRMs | LFI | NA | Richard Clifford (@MantisSTS) | Bug Bounty | 2018-09-26 | 2023-06-13 |
4492 | Evernote For Windows Read Local File and Command Execute Vulnerabilities | Stored XSS, LFI, RCE | Evernote | TongQing Zhu | Bug Bounty | 2018-11-05 | 2023-06-13 |
4457 | Exploiting SSRF like a Boss — Escalation of an SSRF to Local File Read! | SSRF, LFI | NA | Zain Sabahat (@Zain_Sabahat) | Bug Bounty | 2018-11-22 | 2023-06-13 |
4411 | Remote Code Execution on a Facebook server | LFI, RCE, CSRF | phpMyAdmin | Daniel Le Gall (@Blaklis_) | Bug Bounty | 2018-12-14 | 2023-06-13 |
4365 | Abusing MySQL clients to get LFI from the server/client | LFI | NA | Jarkko Vesiluoma (@jvesiluoma) | Bug Bounty | 2019-01-15 | 2023-06-13 |
4342 | Magento – RCE & Local File Read with low privilege admin rights | LFI, RCE, Path traversal | Magento | Daniel Le Gall (@Blaklis_) | Bug Bounty | 2019-01-24 | 2023-06-13 |
4327 | LFI in Apigee portals | LFI | Google | wtm@offensi.com (@wtm_offensi) | Bug Bounty | 2019-01-31 | 2023-06-13 |