Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 2781 | Build Pipeline Security | RCE | AWS | xssfox (@xssfox) | Bug Bounty | 2021-02-18 | 2023-06-13 |
| 2777 | RCE On A Laravel Private Program | RCE | NA | Yashar Shahinzadeh (@YShahinzadeh) | Bug Bounty | 2021-02-20 | 2023-06-13 |
| 2753 | Big Bugs: Bitbucket Pipelines Kata Containers Build Container Escape | RCE | NA | Alex Chapman (@ajxchapman) | Bug Bounty | 2021-02-28 | 2023-06-13 |
| 2745 | How I Might Have Hacked Any Microsoft Account | Account takeover, Password reset, Bruteforce, MFA bypass | Microsoft | Laxman Muthiyah (@laxmanmuthiyah) | Bug Bounty | 2021-03-02 | 2023-06-13 |
| 2743 | Content Injection (RCE) in Yandex Browser for Android [2018] | MiTM | Yandex | Nightwatch Cybersecurity (@nightwatchcyber) | Bug Bounty | 2021-03-03 | 2023-06-13 |
| 2712 | CVE-2021-27076: A Replay-style Deserialization Attack Against Sharepoint | Insecure deserialization, RCE | Microsoft | Simon Zuckerbraun (@HexKitchen) | Bug Bounty | 2021-03-17 | 2023-06-13 |
| 2706 | TikTok for Android 1-Click RCE | RCE, XSS, Insecure intent, Android | TikTok | Sayed Abdelhafiz (@dPhoeniixx) | Bug Bounty | 2021-03-18 | 2023-06-13 |
| 2699 | OTP brute-force via rate limit bypass | Bruteforce, Lack of rate limiting, OTP bypass | NA | Bilal Muqeet (@blmqt) | Bug Bounty | 2021-03-21 | 2023-06-13 |
| 2677 | Zero click vulnerability in Apple’s macOS Mail | Account takeover, Information disclosure, RCE | Apple | Mikko Kenttälä (@Turmio_) | Bug Bounty | 2021-04-01 | 2023-06-13 |
| 2667 | Code execution as root via AT commands on the Quectel EG25-G modem | OS command injection, RCE | Quectel | nns | Bug Bounty | 2021-04-03 | 2023-06-13 |
| 2666 | RCE on Starbucks Singapore and more for $5600 | RCE, Unrestricted file upload | Starbucks | Kamil Onur Özkaleli (@ko2sec) | Bug Bounty | 2021-04-04 | 2023-06-13 |
| 2664 | Remote code execution through unsafe unserialize in PHP | Insecure deserialization, RCE | NA | Sjoerd Langkemper | Bug Bounty | 2021-04-04 | 2023-06-13 |
| 2661 | Intro to Open-source Bug Bounty | Path traversal | Mailtrain | Arjun Shibu (@0xsegf) | Bug Bounty | 2021-04-05 | 2023-06-13 |
| 2658 | Apple TV for Fire OS code execution | RCE, Insecure storage, Man-in-the-Disk attack | Apple | Razvan Sima (@0xraaz) | Bug Bounty | 2021-04-05 | 2023-06-13 |
| 2656 | Chaining an Blind SSRF bug to Get an RCE | Blind SSRF, RCE | NA | Santosh Kumar Sha (@killmongar1996) | Bug Bounty | 2021-04-07 | 2023-06-13 |
| 2649 | ELECTRIC CHROME - CVE-2020-6418 on Tesla Model 3 | RCE, Browser hacking | Tesla, Google | Chris Williams (@HawaiiFive0day) | Bug Bounty | 2021-04-12 | 2023-06-13 |
| 2648 | You Talking To Me? | RCE, Browser hacking | Google | Li JianTao (@cursered) | Bug Bounty | 2021-04-12 | 2023-06-13 |
| 2647 | Exploiting Struts RCE on 2.5.26 | RCE, Double OGNL evaluation | Apache Struts | Chris (@mc_0wn) | Bug Bounty | 2021-04-12 | 2023-06-13 |
| 2645 | Advisory: Cisco RV34X Series – Authentication Bypass and Remote Command Execution | Authentication bypass, OS command injection, RCE | Cisco | T. Shiomitsu | Bug Bounty | 2021-04-13 | 2023-06-13 |
| 2643 | Vulnerability Spotlight: Multiple remote code execution vulnerabilities in Microsoft Azure Sphere | RCE | Microsoft | Cisco Talos | Bug Bounty | 2021-04-14 | 2023-06-13 |
| 2640 | Allow arbitrary URLs, expect arbitrary code execution | RCE | Nextcloud, Telegram, VLC | Fabian Bräunlein | Bug Bounty | 2021-04-15 | 2023-06-13 |
| 2634 | Discoure themes OS Command Injection | RCE, OS command injection | Discourse | joernchen (@joernchen) | Bug Bounty | 2021-04-18 | 2023-06-13 |
| 2630 | Exploiting Unrestricted File Upload to achieve Remote Code Execution on a bug bounty program | Unrestricted file upload, RCE | NA | Jadek Mark (@mase289) | Bug Bounty | 2021-04-18 | 2023-06-13 |
| 2622 | CVE-2021-30481: Source engine remote code execution via game invites | RCE, Integer underflow | Valve | floesen (@floesen_) | Bug Bounty | 2021-04-20 | 2023-06-13 |
| 2621 | DMCA.COM Hack, Full Disclosure (With Proof-of-Concept) | Privilege escalation, Client-side enforcement of server-side security, Stored XSS, Broken Access Control | DMCA | Joël Aviad Ossi | Bug Bounty | 2021-04-21 | 2023-06-13 |