Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
3156Res-block: Extension Resources Block Attack on Chrome’s Incognito Mode Browser hacking Google Piyush Raj (@0x48piraj) Bug Bounty2020-09-162023-06-13
3149Remote code execution in import image task via storage bucket squatting RCE Google Anthony Weems Bug Bounty2020-09-192023-06-13
3126RCE on Spip and Root-Me RCE SQL injection XSS Open redirect Reflected file download SPIP Laluka (@TheLaluka) Bug Bounty2020-09-292023-06-13
3124Write Up – Google Bug Bounty: XSS To Cloud Shell Instance Takeover (Rce As Root) – $5,000 USD XSS RCE Google Omar Espino (@omespino) Bug Bounty2020-10-012023-06-13
3118Leveraging LFI to RCE in a website with +20000 users LFI RCE NA Kleiton Kurti (@kleiton0x7e) Bug Bounty2020-10-042023-06-13
311590 days, 16 bugs, and an Azure Sphere Challenge Local privilege escalation RCE DoS Information disclosure Microsoft Cisco Talos Bug Bounty2020-10-062023-06-13
3114Our Experiences Participating in Microsoft’s Azure Sphere Bounty Program Local privilege escalation RCE Security Feature bypass Microsoft McAfee Advanced Threat Research (ATR) Bug Bounty2020-10-062023-06-13
3109We Hacked Apple for 3 Months: Here’s What We Found RCE Authentication bypass Authorization bypass SSRF XXE Blind XSS IDOR OS command injection SQL injection Apple Sam Curry (@samwcyo) Bug Bounty2020-10-072023-06-13
3108Kud I Enter Your Server? New Vulnerabilities in Microsoft Azure Privilege escalation RCE Cloud Microsoft Intezer Bug Bounty2020-10-082023-06-13
3095MS Enterprise app management service RCE. CVE-2022-35841 RCE Local Privilege Escalation Windows Microsoft Ceri Coburn (@_ethicalchaos_) Bug Bounty2020-10-132023-06-13
3093Discord Desktop app RCE RCE Discord Masato Kinugawa (@kinugawamasato) Bug Bounty2020-10-172023-06-13
3092GitHub - RCE via git option injection (almost) - $20,000 Bounty RCE GitHub William Bowling / vakzz (@wcbowling) Bug Bounty2020-10-182023-06-13
3087GitHub Pages - Multiple RCEs via insecure Kramdown configuration - $25,000 Bounty RCE Path traversal GitHub William Bowling / vakzz (@wcbowling) Bug Bounty2020-10-202023-06-13
3082Samsung S20 - RCE via Samsung Galaxy Store App RCE Samsung F-Secure Bug Bounty2020-10-232023-06-13
3071Weblogic RCE by only one GET request — CVE-2020–14882 Analysis RCE Authentication bypass Security code review Oracle (WebLogic) Nguyễn Tiến Giang (@testanull) Bug Bounty2020-10-282023-06-13
3068Wormable remote code execution in Alien Swarm RCE Valve mev Bug Bounty2020-10-302023-06-13
3061Leaked .git folder leads to RCE .git folder disclosure RCE NA James Clee (@jtcsec) Bug Bounty2020-11-012023-06-13
3051Attack of the clones: Git clients remote code execution RCE GitHub Vitor Fernandes (@Rapt00rVF) Bug Bounty2020-11-062023-06-13
3048Silver Peak Unity Orchestrator RCE RCE Authentication bypass Path traversal SQL injection Silver Peak Realmode Labs (@RealmodeLabs) Bug Bounty2020-11-082023-06-13
3030SD-PWN Part 2 — Citrix SD-WAN Center — Another Network Takeover RCE Authentication bypass Path traversal OS command injection Local Privilege Escalation Citrix Systems Realmode Labs (@RealmodeLabs) Bug Bounty2020-11-152023-06-13
3025RCE via Server-Side Template Injection SSTI RCE NA Gaurav Mishra (@gmishra010) Bug Bounty2020-11-152023-06-13
3021Hacking into (RCE) Government Server operated for the US Department of Energy’s National Nuclear Security Administration. RCE OS command injection US Department of Energy Shaheen Fazim Bug Bounty2020-11-162023-06-13
3016Out of Band XXE in an E-commerce IOS app XXE NA Gaurang Bhatnagar (@0xgaurang) Bug Bounty2020-11-192023-06-13
3007SD-PWN — Part 3 — Cisco vManage — Another Day, Another Network Takeover RCE SSRF Arbitrary file write Path traversal OS command injection Local Privilege Escalation Cisco Realmode Labs (@RealmodeLabs) Bug Bounty2020-11-232023-06-13
3004SD-PWN Part 4 — VMware VeloCloud — The Last Takeover RCE Authentication bypass Default credentials SQL injection Path traversal LFI VMware Realmode Labs (@RealmodeLabs) Bug Bounty2020-11-262023-06-13