Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1944 | NPM might be executing malicious code in your CI without your knowledge | RCE | GitHub | Rotem Bar (@rotembar) | Bug Bounty | 2022-01-03 | 2023-06-13 |
| 1935 | A phishing document signed by Microsoft – part 2 | Phishing, RCE | Microsoft | Pieter Ceelen (@ptrpieter) | Bug Bounty | 2022-01-07 | 2023-06-13 |
| 1931 | How did I find Log4j vulnerability via Static Code Analysis and receive €€€ bounty? | Log4shell, RCE | NA | Pranav Gajjar (@Pranav_Gajjar_) | Bug Bounty | 2022-01-10 | 2023-06-13 |
| 1929 | Pre-Auth RCE in Moodle Part II - Session Hijack in Moodle's Shibboleth | Session hijacking, Session management issue, Account takeover, RCE | Moodle | Johannes Moritz | Bug Bounty | 2022-01-10 | 2023-06-13 |
| 1928 | Cross-Origin Resource Sharing (CORS) Misconfiguration leads to User’s PII leaks. | CORS misconfiguration | NA | Tarikul Islam (@sa1tama0) | Bug Bounty | 2022-01-10 | 2023-06-13 |
| 1926 | Attacking RDP from Inside: How we abused named pipes for smart-card hijacking, unauthorized file system access to client machines and more | RCE | Microsoft | Gabriel Sztejnworcel (@sztejnworcel) | Bug Bounty | 2022-01-11 | 2023-06-13 |
| 1918 | RCE In Adobe Acrobat Reader For Android(CVE-2021-40724) | RCE, Path traversal, Android | Google, Adobe | sunny (@hulkvision) | Bug Bounty | 2022-01-14 | 2023-06-13 |
| 1906 | The Tale of a Click leading to RCE | RCE, SSRF | CatchPoint | Roni Carta (@0xLupin) | Bug Bounty | 2022-01-18 | 2023-06-13 |
| 1894 | How I was able to take over accounts in websites deal with Github as an SSO provider | Bruteforce, Lack of rate limiting, SSO, Email verification bypass, Account takeover | NA | Khaled Mohamed | Bug Bounty | 2022-01-25 | 2023-06-13 |
| 1887 | Technical Analysis of CVE-2022-22583: Bypassing macOS System Integrity Protection (SIP) | MacOS, SIP bypass | Apple | Perception Point | Bug Bounty | 2022-01-27 | 2023-06-13 |
| 1884 | The Story of an RCE on a Java Web Application | Insecure deserialization | NA | LIL NIX (@Lil__Nix) | Bug Bounty | 2022-01-27 | 2023-06-13 |
| 1882 | The Story of a RCE on a Java Web Application | RCE, Insecure deserialization | NA | LIL NIX (@Lil__Nix) | Bug Bounty | 2022-01-28 | 2023-06-13 |
| 1881 | Command Injection in Google Cloud Shell | RCE, OS command injection | Google | Ademar Nowasky Junior | Bug Bounty | 2022-01-28 | 2023-06-13 |
| 1872 | Remote Code Execution in .tgz File Upload | RCE, Unrestricted file upload | NA | Nick Berrie (@machevalia) | Bug Bounty | 2022-01-30 | 2023-06-13 |
| 1871 | Missing rate-limiting. How I was able to add any unowned phone number to my Facebook account? (Bounty: 5000 USD) | OTP bruteforce, Lack of rate limiting | Meta / Facebook | Shubham Bhamare (@theshubh77) | Bug Bounty | 2022-01-31 | 2023-06-13 |
| 1865 | CVE-2021-44142: Details On A Samba Code Execution Bug Demonstrated At Pwn2Own Austin | Memory corruption, RCE | NA | Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss) | Bug Bounty | 2022-02-01 | 2023-06-13 |
| 1863 | No Rate Limiting on OTP sending | Bruteforce, Lack of rate limiting | NA | nOOb_mAsTeR | Bug Bounty | 2022-02-02 | 2023-06-13 |
| 1855 | HigherLogic Community RCE Vulnerability | Insecure deserialization, RCE | 8x8, IBM | 0daystolive (@0daystolive) | Bug Bounty | 2022-02-03 | 2023-06-13 |
| 1853 | Write Up – Private Bug Bounty: RCE In EC2 Instance Via SSH With Private Key Exposed On Public Github Repository – $xx,000 USD | Information disclosure | NA | Omar Espino (@omespino) | Bug Bounty | 2022-02-03 | 2023-06-13 |
| 1851 | How I bypassed PHP functions to read sensitive files on server | Components with known vulnerabilities, RCE | NA | Kailash (@corrupted_brain) | Bug Bounty | 2022-02-04 | 2023-06-13 |
| 1836 | WordPress < 5.8.3 - Object Injection Vulnerability | Object injection, RCE | WordPress | Simon Scannell (@scannell_simon) | Bug Bounty | 2022-02-08 | 2023-06-13 |
| 1823 | How i made 15k$ from Remote Code Execution Vulnerability | Code injection, RCE, Self-XSS | NA | Abdulrahman Makki (@AMakki1337) | Bug Bounty | 2022-02-13 | 2023-06-13 |
| 1819 | Advisory: Western Digital My Cloud Pro Series PR4100 RCE | RCE, OS command injection | Western Digital | Quentin Kaiser (@QKaiser) | Bug Bounty | 2022-02-15 | 2023-06-13 |
| 1816 | Hunting for bugs in VMware: View Planner and vRealize Business for Cloud | RCE | VMware | Mikhail Klyuchnikov (@__Mn1__) | Bug Bounty | 2022-02-15 | 2023-06-13 |
| 1810 | CVE-2022-0478 - WooCommerce Event-Manager Plugin SQL Injection | SQL injection, Security code review | Automattic (WooCommerce) | Castilho (@castilho101) | Bug Bounty | 2022-02-16 | 2023-06-13 |