Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
4492Evernote For Windows Read Local File and Command Execute Vulnerabilities Stored XSS LFI RCE Evernote TongQing Zhu Bug Bounty2018-11-052023-06-13
3985LAN-Based Blind SSRF Attack Primitive for Windows Systems (switcheroo) SSRF Microsoft initstring (@init_string) Bug Bounty2019-08-092023-06-13
38575,000 USD XSS Issue at Avast Desktop AntiVirus for Windows (Yes, Desktop!) Reflected XSS Avast YoKo Kho (@YokoAcc) Bug Bounty2019-10-292023-06-13
3526XSS in Peerio 2 Windows Application (Write Up) XSS Peerio Evan Ricafort (@evanricafort) Bug Bounty2020-04-242023-06-13
3470CVE-2020–1088 — Yet another arbitrary delete EoP Local Privilege Escalation Windows Microsoft Søren Fritzbøger (@fritzboger) Bug Bounty2020-05-182023-06-13
3266One Click to Compromise -- Fun With ClickOnce Deployment Manifests NTLMv2 hash disclosure One-click execution of arbitrary .Net assemblies Windows Microsoft Dave Cossa (@G0ldenGunSec) Bug Bounty2020-07-302023-06-13
3207Windows AppX Deployment Service Local Privilege Escalation (CVE-2020-1488 Local Privilege Escalation Microsoft ACTIVELabs Bug Bounty2020-08-182023-06-13
3155Dropbox Escalation of Privileges to SYSTEM on Windows Local Privilege Escalation Dropbox Teresa Alberto Bug Bounty2020-09-172023-06-13
3095MS Enterprise app management service RCE. CVE-2022-35841 RCE Local Privilege Escalation Windows Microsoft Ceri Coburn (@_ethicalchaos_) Bug Bounty2020-10-132023-06-13
2893BitLocker Lockscreen bypass Lock screen bypass Local Privilege Escalation Windows Microsoft Jonas L (@jonasLyk) Bug Bounty2021-01-152023-06-13
2773CVE-2021-23827: Sakura Samurai discover cleartext pictures in Keybase Desktop Client; Windows, macOS, Linux Unencrypted storage Keybase John Jackson (@johnjhacking) Bug Bounty2021-02-222023-06-13
2733Partially disable Cybereason EDR as low privileges user on Windows EDR bypass Local Privilege Escalation Cybereason Mehdi Alouache Bug Bounty2022-10-282023-06-13
2604Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol Local Privilege Escalation Microsoft Antonio Cocomazzi (@splinter_code) Bug Bounty2021-04-262023-06-13
2469Certified Pre-Owned Active Directory Privilege Escalation ADCS Windows Microsoft Will Schroeder (@harmj0y) Bug Bounty2021-06-172023-06-13
2189CVE-2021-39246 – Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack excessive verbose logging – Windows, macOS, Linux Verbose logging Tor sickcodes (@sickcodes) Bug Bounty2021-09-272023-06-13
2187DeepSurface Security Advisory: LPE in Firefox on Windows Local Privilege Escalation Mozilla Robert Chen Bug Bounty2021-09-282023-06-13
2058GoSecure Investigates Abusing Windows Server Update Services (WSUS) to Enable NTLM Relaying Attacks Local Privilege Escalation Microsoft Romain Carnus Bug Bounty2021-11-222023-06-13
2041This Microsoft Windows RCE Vulnerability Gives an Attacker Complete Control Memory corruption Microsoft Malcolm Stagg (@malcolmst) Bug Bounty2021-11-302023-06-13
2017Windows 10 RCE: The exploit is in the link RCE Microsoft Fabian Bräunlein Bug Bounty2021-12-072023-06-13
1885Stealing administrative JWT%27s through post auth SSRF (CVE-2021-22056) Windows Driver hacking Kernel DoS VMware Christopher (@Kharosx0) Bug Bounty2022-01-272023-06-13
1837SpoolFool: Windows Print Spooler Privilege Escalation (CVE-2022-21999) Local Privilege Escalation Microsoft Olivier Lyak (@ly4k_) Bug Bounty2022-02-082023-06-13
1719Abusing Arbitrary File Deletes To Escalate Privilege And Other Great Tricks Local Privilege Escalation Microsoft (Windows) Abdelhamid Naceri Bug Bounty2022-03-172023-06-13
1560Diving Into Pre-created Computer Accounts Active Directory Local Privilege Escalation Windows NA Oddvar Moe (@Oddvarmoe) Bug Bounty2022-05-102023-06-13
1493CVE-2022-26937: Microsoft Windows Network File System NLM Portmap Stack Buffer Overflow Buffer Overflow Memory corruption Microsoft Yuki Chen (@guhe120) Bug Bounty2022-06-082023-06-13
1368CVE-2022-30136: Microsoft Windows Network File System V4 Remote Code Execution Vulnerability RCE DoS Memory corruption Microsoft Yuki Chen (@guhe120) Bug Bounty2022-07-142023-06-13