Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
82LOLBINed — Finding “LOLBINs” In AV Uninstallers Local Privilege Escalation Kaspersky F-Secure Trend Micro McAfee Nasreddine Bencherchali (@nas_bench) Bug Bounty2023-05-172023-06-13
81DLL Hijacking Strikes Back: Exploiting Windows on ARM RDP Client (CVE-2023-24905) DLL Hijacking Local Privilege Escalation Microsoft (Windows) Dor Dali Bug Bounty2023-05-172023-06-13
79KeePass Master Password Exploit - CVE-2023-32784 - Proof Of Concept (POC) Plaintext Storage of a Password Thick client KeePass Luke Kavanagh Bug Bounty2023-05-172023-06-13
78A $1,000,000 bounty? The KuCoin User Information Leak Information disclosure Zendesk Authorization flaw Security misconfiguration NA Corben Leo (@hacker_) Bug Bounty2023-05-182023-06-13
77How Misconfigured and Vulnerable Devices Could Expose Your Company to Physical and Cyber Threats IoT Default credentials Internal pentest NA Arben Shala (@arbennsh) Bug Bounty2023-05-182023-06-13
76Stored Iframe Injection & Permanent Open Redirection - Zero Day HTML injection Open redirect Discourse Jerry Shah (@Jerry) Bug Bounty2023-05-182023-06-13
75Blind OS Command Injection via Activation Request OS command injection NA Arumusutakimu (@arumusutakimu) Bug Bounty2023-05-182023-06-13
74Blind OS Command Injection via Activation Request Memory corruption Buffer Overflow Out-of-bounds Read VMware Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss) Bug Bounty2023-05-182023-06-13
73Official extension spoofing attacks: when trusted add-ons are not so trusted Extension spoofing Account takeover XSS NA Yesenia Trejo (@Yess_2021xD) Bug Bounty2023-05-192023-06-13
72DNS Recursion Leads to DoS Attack Vivo Play (IPTV) — CVE-2023–31893 DoS Vivo Shooter Bug Bounty2023-05-202023-06-13
70Why You Should Always Check The Audit Log [Medium] — $500 Information disclosure NA Emanuel Beni Harijanto Bug Bounty2023-05-202023-06-13
69Exploiting SQL Error SQLSTATE[42000] To Own MariaDB of A Large Online Media Leader SQL injection NA nav1n (@nav1n0x) Bug Bounty2023-05-202023-06-13
672FA Bypass Using Custom Cookie Parameter MFA bypass Android NA Sharat Kaikolamthuruthil (@sharp488) Bug Bounty2023-05-222023-06-13
66I helped a top Indian health benefits management platform from major PII leak by hacking their SQL Servers, AWS instance, DCs etc. SQL injection NA nav1n (@nav1n0x) Bug Bounty2023-05-222023-06-13
64Red team: Journey from RCE to have total control of cloud infrastructure RCE SSTI Container escape Kubernetes Components with known vulnerabilities CI/CD NA Quang Vo (@mr_r3bot) Bug Bounty2023-05-222023-06-13
63CVE 2023 25690 - Proof of Concept HTTP Request Smuggling HTTP request splitting CRLF injection Apache HTTP Server dhmosfunk (@DSkfunk) Bug Bounty2023-05-222023-06-13
61From Response To Request, Adding Your Own Variables Inside Of GraphQL Queries For Account Take Over GraphQL IDOR Mass assignment NA Tom Neaves Bug Bounty2023-05-232023-06-13
58Unintended Path to Exam Domination - AWS EC2 Meta-Data Cloud Privilege escalation NA Dr. Michael Gschwender (@rootcathacking) Bug Bounty2023-05-242023-06-13
57how I found a tricky XSS XSS NA Ziad Ali Bug Bounty2023-05-242023-06-13
56Hacking my “smart” toothbrush IoT Reverse engineering NFC NA Cyrill Künzi Bug Bounty2023-05-242023-06-13
55XSS Via Qr Code XSS NA Ahmed Osama (A0G) Bug Bounty2023-05-252023-06-13
53Exploiting The Sonos One Speaker Three Different Ways: A Pwn2Own Toronto Highlight Memory corruption RCE Out-of-bounds Read Sonos The ZDI Research Team (@thezdi) Bug Bounty2023-05-252023-06-13
52Exploring Three Remote Code Execution Vulnerabilities in RPC Runtime RCE MS-RPC Integer overflow Memory corruption Microsoft (Windows) Ben Barnea (@nachoskrnl) Bug Bounty2023-05-262023-06-13
51Utilizing Historical URLs of an Organization to successfully execute SQL queries — Blind SQLi Blind SQL injection NA Aayush Vishnoi (@AayushVishnoi10) Bug Bounty2023-05-262023-06-13
49Anonymised Penetration Test Report Internal pentest RCE ADCS Active Directory Kerberos DHCPv6 LLMNR NA Volkis (@VolkisAU) Bug Bounty2023-05-282023-06-13