Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 646 | The OWASSRF + TabShell exploit chain | SSRF, Path traversal, Sandbox escape | Microsoft | Rskvp93 (@rskvp93) | Bug Bounty | 2022-12-26 | 2023-06-13 |
| 619 | CVE-2022-25026 & CVE-2022-25027: Vulnerabilities in Rocket TRUfusion Enterprise | Authentication bypass, SSRF | Rocket Software | Tom Wedgbury | Bug Bounty | 2023-01-04 | 2023-06-13 |
| 611 | The SSRF that Brought down a Server | SSRF, DoS | NA | g30rgy th3 d4rk (@Crypt0g30rgy) | Bug Bounty | 2023-01-07 | 2023-06-13 |
| 607 | Lexmark MC3224adwe RCE exploit | RCE, SSRF, Printer hacking, Unrestricted file upload, Local Privilege Escalation | Lexmark | blasty (@bl4sty) | Bug Bounty | 2023-01-09 | 2023-06-13 |
| 604 | “2022: A Year of Fascinating Discoveries” | CSRF, SSRF, Blind XSS, Password reset, Hyperlink injection, IDOR, Weak credentials, AWS misconfiguration | NA | dhakal_bibek (@dhakal__bibek) | Bug Bounty | 2023-01-09 | 2023-06-13 |
| 598 | Client-Side SSRF to Google Cloud Project Takeover [Google VRP] | SSRF, CSRF, Open redirect | Google | Dohyun Lee | Bug Bounty | 2023-01-12 | 2023-06-13 |
| 580 | How Orca Found Server-Side Request Forgery (SSRF) Vulnerabilities in Four Different Azure Services | SSRF, Cloud | Microsoft (Azure) | Lidor Ben Shitrit | Bug Bounty | 2023-01-17 | 2023-06-13 |
| 562 | Bypassing E2E encryption leads to multiple high vulnerabilities. | IDOR, SSRF | NA | Asem Eleraky (@melotover) | Bug Bounty | 2023-01-20 | 2023-06-13 |
| 528 | Blind XSS To SSRF | Blind XSS, SSRF | NA | Akash c | Bug Bounty | 2023-01-29 | 2023-06-13 |
| 504 | Host Header Injection to Complete Organization takeover | SSRF, Host header injection, Privilege escalation | NA | Muhammad Umer Adeem | Bug Bounty | 2023-02-02 | 2023-06-13 |
| 462 | SSRF That Allowed Us to Access Whole Infra Web Services and Many More | SSRF | NA | Basavaraj Banakar (@basu_banakar) | Bug Bounty | 2023-02-12 | 2023-06-13 |
| 399 | Exploits Explained: Using APIs to Execute a Server-Side Request Forgery | SSRF | NA | @cor3min3r | Bug Bounty | 2023-02-24 | 2023-06-13 |
| 398 | draw.io CVEs | SSRF, OAuth, Open redirect, Token leak, Security code review | draw.io | @caioluders | Bug Bounty | 2023-02-24 | 2023-06-13 |
| 373 | Exfiltrating AWS Credentials via PDF Rendering of Unsanitized Input | SSRF, HTML injection, XSS | NA | Cristi Vlad (@CristiVlad25) | Bug Bounty | 2023-03-01 | 2023-06-13 |
| 357 | GitHub Security Lab audited DataHub: Here’s what they found | SSRF, Insecure deserialization, Cypher injection, Authentication bypass, Authorization bypass, XSS, Open redirect, JWT, JSON injection, Cryptographic issues, Session expiration issue, Security code review | DataHub | Alvaro Muñoz (@pwntester) | Bug Bounty | 2023-03-03 | 2023-06-13 |
| 339 | Attacking .NET Web Services | Security code review, Arbitrary file read, Arbitrary file write, SSRF | Siemens | b0yd (@rwincey) | Bug Bounty | 2023-03-06 | 2023-06-13 |
| 314 | The story of how I was able to chain SSRF with Command Injection Vulnerability | SSRF, OS command injection, RCE | NA | Raj Qureshi (@RajQureshi9) | Bug Bounty | 2023-03-12 | 2023-06-13 |
| 301 | Finding Hundreds of SSRF Vulnerabilities on AWS | SSRF | AWS | Carlos Polop | Bug Bounty | 2023-03-14 | 2023-06-13 |
| 291 | SSRF Cross Protocol Redirect Bypass | SSRF | NA | Szymon Drosdzol | Bug Bounty | 2023-03-16 | 2023-06-13 |
| 277 | How I got access to Essilor International company customer PII INFO by AWS metadata access through SSRF | SSRF | NA | Santosh Kumar Sha (@killmongar1996) | Bug Bounty | 2023-03-21 | 2023-06-13 |
| 250 | Found SSRF and LFI in Just 10 minutes of using burp! | SSRF, LFI | NA | Khaled Mohamed (@0xElkomy) | Bug Bounty | 2023-03-30 | 2023-06-13 |
| 232 | Holiday Hunting With Aquatone | SSRF, Missing authentication, Information disclosure | NA | Kuldeep Pandya (@kuldeepdotexe) | Bug Bounty | 2023-04-03 | 2023-06-13 |
| 184 | My First Case of SSRF Using Dirsearch | SSRF | NA | Mba-oji Chiagoziem (@g0ziem) | Bug Bounty | 2023-04-18 | 2023-06-13 |
| 123 | When Good APIs Go Bad: Uncovering 3 Azure API Management Vulnerabilities | SSRF, Unrestricted file upload, Path traversal, Cloud | Microsoft (Azure) | Liv Matan (@terminatorLM) | Bug Bounty | 2023-05-04 | 2023-06-13 |
| 91 | Triple Threat: Breaking Teltonika Routers Three Ways | IoT, RCE, OS command injection, SSRF, XSS | Teltonika | Roni Gavrilov | Bug Bounty | 2023-05-15 | 2023-06-13 |