Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 953 | [CVE-2022-1786] A Journey To The Dawn | Use-After-Free Memory corruption Local Privilege Escalation | Google (kCTF) Linux Kernel Organization | kylebot (@ky1ebot) | Bug Bounty | 2022-10-15 | 2023-06-13 |
| 952 | My First Critical Bug In HackerOne Platform | HTTP request smuggling | NA | EX_097 | Bug Bounty | 2022-10-16 | 2023-06-13 |
| 951 | How I Got $10,000 From GitHub For Bypassing Filtration of HTML tags | XSS | GitHub | Saajan Bhujel (@saajanbhujel) | Bug Bounty | 2022-10-16 | 2023-06-13 |
| 950 | Toner Deaf – Printing your next persistence (Hexacon 2022) | Path traversal Arbitrary file write RCE Printer hacking | Lexmark | Alex Plaskett (@alexjplaskett) | Bug Bounty | 2022-10-17 | 2023-06-13 |
| 949 | Facebook SMS Captcha Was Vulnerable to CSRF Attack | CSRF | Meta / Facebook | Lokesh Kumar (@lokeshdlk77) | Bug Bounty | 2022-10-17 | 2023-06-13 |
| 948 | Pwn2Own Miami 2022: ICONICS GENESIS64 Arbitrary Code Execution | RCE | ICONICS | Sector 7 (@sector7_nl) | Bug Bounty | 2022-10-17 | 2023-06-13 |
| 947 | Analysis of a Remote Code Execution (RCE) Vulnerability in Cobalt Strike 4.7.1 | RCE XSS | HelpSystems | Rio (@0x09AL) | Bug Bounty | 2022-10-17 | 2023-06-13 |
| 946 | Guest Blog Post - Memory corruption vulnerabilities in Edge | Browser hacking Memory corruption Use-After-Free Out-of-bounds Read Out-of-bounds Write | Microsoft | David Erceg (@david_erceg) | Bug Bounty | 2022-10-17 | 2023-06-13 |
| 945 | CVE 2022–24082, RCE in the PEGA Platform — Discovery, Remediation & Technical Details (Long Live JMX!!!) | RCE JMX | PEGA | Marcin Wolak | Bug Bounty | 2022-10-17 | 2023-06-13 |
| 944 | PHP Filters Chain: What Is It And How To Use It | Insecure deserialization PHP filter chain | Laravel | Rémi Matasse (@_remsio_) | Bug Bounty | 2022-10-18 | 2023-06-13 |
| 943 | Basic recon to RCE III | RCE OS command injection | NA | Joshua Martinelle (@J0_mart) | Bug Bounty | 2022-10-18 | 2023-06-13 |
| 942 | The Danger of Falling to System Role in AWS SDK Client | Cloud Privilege escalation Security misconfiguration | NA | Fracensco Lacerenza (@lacerenza_fra) | Bug Bounty | 2022-10-18 | 2023-06-13 |
| 941 | Remote Code Execution in Melis Platform | RCE Path traversal Insecure deserialization Security code review | Melis Platform | Karim El Ouerghemmi | Bug Bounty | 2022-10-18 | 2023-06-13 |
| 940 | Yet Another Telerik UI Revisit | Cryptographic issues RCE | Progress (Telerik) | Paul Mueller | Bug Bounty | 2022-10-19 | 2023-06-13 |
| 939 | Vulnerabilities in Tenda's W15Ev2 AC1200 Router | OS command injection Buffer Overflow Memory corruption Stored XSS Authorization flaw Information disclosure | Tenda | Olivier Laflamme (@olivier_boschko) | Bug Bounty | 2022-10-19 | 2023-06-13 |
| 938 | Found vulnaribility on subdomain of nasa.gov simply using censys | Exposed registration page | NASA | hacker_might | Bug Bounty | 2022-10-19 | 2023-06-13 |
| 937 | Scan QR Code and Got Hacked (CVE-2021–43530 : UXSS on Firefox Android Version) | Universal XSS Android | Mozilla | hafiizh | Bug Bounty | 2022-10-19 | 2023-06-13 |
| 936 | CVE-2022-3236: Sophos Firewall User Portal and Web Admin Code Injection | RCE Code injection Security code review | Sophos | Guy Lederfein (@glederfein) | Bug Bounty | 2022-10-19 | 2023-06-13 |
| 935 | Microsoft Office Online Server Remote Code Execution | SSRF RCE | Microsoft | Manish Tanwar (@IndiShell1046) | Bug Bounty | 2022-10-19 | 2023-06-13 |
| 934 | FabriXss (CVE-2022-35829): How We Managed to Abuse a Custom Role User Using CSTI and Stored XSS in Azure Fabric Explorer | CSTI Stored XSS | Microsoft | Lidor Ben Shitrit | Bug Bounty | 2022-10-19 | 2023-06-13 |
| 933 | Second Order XXE Exploitation | XXE Arbitrary file read | NA | Kuldeep Pandya (@kuldeepdotexe) | Bug Bounty | 2022-10-19 | 2023-06-13 |
| 932 | HTTP/3 connection contamination: an upcoming threat? | HTTP connection contamination | NA | James Kettle (@albinowax) | Bug Bounty | 2022-10-19 | 2023-06-13 |
| 931 | A New Attack Surface on MS Exchange Part 4 - ProxyRelay! | RCE Privilege escalation | Microsoft | Orange Tsai (@orange_8361) | Bug Bounty | 2022-10-19 | 2023-06-13 |
| 930 | 23000$ for Authentication Bypass & File Upload & Arbitrary File Overwrite | JWT Authentication bypass Arbitrary file write Unrestricted file upload | NA | Souhaib Naceri (@h4x0r_dz) | Bug Bounty | 2022-10-19 | 2023-06-13 |
| 929 | Potential Remote Code Execution Vulnerability Discovered In HSQLDB | RCE Security code review | HSQL Development Group (HSQLDB) | Code Intelligence (@CI_Fuzz) | Bug Bounty | 2022-10-19 | 2023-06-13 |