Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 2998 | WonderCMS 3.1.3 - Authenticated RCE & Blind SSRF Vulnerability | Blind SSRF, RCE | WonderCMS | Mas Zet (@zetc0de) | Bug Bounty | 2020-11-29 | 2023-06-13 |
| 2984 | RCE via LFI Log Poisoning - The Death Potion | RCE, LFI, Log poisoning | NA | Jerry Shah (@Jerry) | Bug Bounty | 2020-12-06 | 2023-06-13 |
| 2981 | "Important, Spoofing" - zero-click, wormable, cross-platform remote code execution in Microsoft Teams | RCE, Stored XSS, CSP bypass, CSTI | Microsoft | Oskars Vegeris | Bug Bounty | 2020-12-07 | 2023-06-13 |
| 2972 | How I dumped PII information of customers in an ecommerce site? | AWS misconfiguration | NA | Rikesh Baniya / NotRickyy (@rikeshbaniya) | Bug Bounty | 2020-12-11 | 2023-06-13 |
| 2962 | D-Link: Multiple Security Vulnerabilities Leading to RCE | RCE, Authentication bypass, Information disclosure | D-Link | Harold Zang | Bug Bounty | 2020-12-17 | 2023-06-13 |
| 2961 | Github Secrets exposed due to RCE in Formatter Action from pull_request_target event | RCE | Google | Anthony Weems | Bug Bounty | 2020-12-17 | 2023-06-13 |
| 2957 | Write Up: Google VRP N/A – Sandboxed Rce As Root On Apigee API Proxies | RCE | Google | Omar Espino (@omespino) | Bug Bounty | 2020-12-19 | 2023-06-13 |
| 2951 | Cookie Tossing to RCE on Google Cloud JupyterLab | Self-XSS, DoS, CSRF, RCE | Google | s1r1us (@s1r1u5_) | Bug Bounty | 2020-12-23 | 2023-06-13 |
| 2924 | Achieving Remote Code Execution By Exploiting Variable Check Feature | RCE | NA | Shawar Khan (@ShawarkOFFICIAL) | Bug Bounty | 2021-01-06 | 2023-06-13 |
| 2922 | Finding bugs on Chess.com | Lack of rate limiting, Bruteforce, CSRF | Chess.com | Seqrity (@seqrity9) | Bug Bounty | 2021-01-07 | 2023-06-13 |
| 2909 | Weblogic Remote Code Execution (Exploiting CVE-2019-2725) | RCE | NA | Mahmoud Gamal (@Zombiehelp54) | Bug Bounty | 2021-01-10 | 2023-06-13 |
| 2902 | Making Clouds Rain :: Remote Code Execution in Microsoft Office 365 | RCE | Microsoft | Steven Seeley (@steventseeley) | Bug Bounty | 2021-01-12 | 2023-06-13 |
| 2901 | GoCD Multiple Vulnerabilities | RCE, Information disclosure, Insecure deserialization, Security code review | GoCD | Denis Andzakovic | Bug Bounty | 2021-01-12 | 2023-06-13 |
| 2894 | Attack of the clones 2: Git CLI remote code execution strikes back | RCE | GitHub | Vitor Fernandes (@Rapt00rVF) | Bug Bounty | 2021-01-15 | 2023-06-13 |
| 2890 | Finding 0day to hack Apple | RCE, ColdFusion | Apple | Harsh Jaiswal (@rootxharsh) | Bug Bounty | 2021-01-16 | 2023-06-13 |
| 2889 | My first and last crit of 2020 on Hackerone | Lack of rate limiting, Bruteforce, IDOR, Password reset, Account takeover | NA | Takester (@dhiraj_ramteke) | Bug Bounty | 2021-01-16 | 2023-06-13 |
| 2878 | KindleDrip — From Your Kindle’s Email Address to Using Your Credit Card | RCE | Amazon | Yogev Bar-On | Bug Bounty | 2021-01-21 | 2023-06-13 |
| 2874 | The Secret Parameter, LFR, and Potential RCE in NodeJS Apps | Local File Read, RCE | NA | CaptainFreak (@0xCaptainFreak) | Bug Bounty | 2021-01-23 | 2023-06-13 |
| 2866 | BMW Bug Bounty – Account Verification Bypass writeup | OTP bypass, Bruteforce, Lack of rate limiting | BMW | Pethuraj (@Pethuraj) | Bug Bounty | 2021-01-26 | 2023-06-13 |
| 2857 | Remote Code Execution – LimeSurvey (CVE-2018-7556) | RCE | NA | yeuchimse (@yeuchimse) | Bug Bounty | 2021-01-28 | 2023-06-13 |
| 2849 | An unexpected bug | Bruteforce | NA | Nitin yadav (@Nitinydv14) | Bug Bounty | 2021-01-31 | 2023-06-13 |
| 2832 | Escalating SSRF to RCE | SSRF, RCE | NA | Sander Wind (@SanderWind) | Bug Bounty | 2021-02-06 | 2023-06-13 |
| 2800 | I Own your Cloud Shell: Taking over “Azure Cloud Shell” Kubernetes Cluster Through Unsecured Kubelet API 30,000$ Bounty | Privilege escalation, RCE | Microsoft | Chen Cohen (@chencococococo) | Bug Bounty | 2021-02-15 | 2023-06-13 |
| 2799 | SHAREit Flaw Could Lead to Remote Code Execution | Android, RCE, MiTM, Man-in-the-Disk attack, Insecure intent, Vulnerable Android content provider | SHAREit | Echo Duan | Bug Bounty | 2021-02-15 | 2023-06-13 |
| 2796 | Dropping a shell in Google’s Cloud SQL (the speckle-umbrella story) | Configuration file injection, RCE | Google | Imre Rad (@ImreRad) | Bug Bounty | 2021-02-16 | 2023-06-13 |