Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1683 | Unauthenticated Remote Code Execution in Cisco Nexus Dashboard Fabric Controller (formerly DCNM) | Insecure deserialization Local Privilege Escalation RCE | Cisco | Pedro Ribeiro (@pedrib1337) | Bug Bounty | 2022-03-30 | 2023-06-13 |
| 1682 | CVE-2022-27643 - NETGEAR R6700v3 upnpd Buffer Overflow Remote Code Execution Vulnerability | Memory corruption RCE | Netgear | Relyze (@relyze) | Bug Bounty | 2022-03-31 | 2023-06-13 |
| 1678 | A Large-scale and Longitudinal Measurement Study of DKIM Deployment | Email spoofing Phishing | Google Mailchimp Sendgrid Salesforce | Chuhan Wang | Bug Bounty | 2022-04-01 | 2023-06-13 |
| 1677 | Pwning a Cisco RV340 with a 4 bug chain exploit | Local Privilege Escalation OS command injection RCE Session management issue | Cisco | Liv (@terminatorLM) | Bug Bounty | 2022-04-01 | 2023-06-13 |
| 1648 | Meta's SparkAR RCE Via ZIP Path Traversal | RCE Path traversal | Meta / Facebook | Fady Othman (@Fady_Othman) | Bug Bounty | 2022-04-07 | 2023-06-13 |
| 1603 | Adventures Into The MeowCorp Bug Bounty Program | Information disclosure Weak credentials SSRF .git folder disclosure RCE | NA | Nirmal Thapa (@tnirmalz) | Bug Bounty | 2022-04-21 | 2023-06-13 |
| 1600 | EJS, Server side template injection RCE (CVE-2022-29078) - writeup | SSTI RCE | ejs NetApp | Eslam Salem (@net_code) | Bug Bounty | 2022-04-23 | 2023-06-13 |
| 1582 | Hacking a Bank by Finding a 0day in DotCMS | Directory traversal Unrestricted file upload RCE | NA | Shubham Shah (@infosec_au) | Bug Bounty | 2022-05-03 | 2023-06-13 |
| 1581 | [UNPATCHED] Cli: gh run download implementation allows overwriting git repository configuration upon artifacts downloading | RCE | GitHub | Vladimir Metnew (@vladimir_metnew) | Bug Bounty | 2022-05-04 | 2023-06-13 |
| 1571 | Cloudflare Pages, part 1: The fellowship of the secret | Command injection Container escape Bash Path injection RCE Local Privilege Escalation Information disclosure | Cloudflare | Sean Yeoh (@seanyeoh) | Bug Bounty | 2022-05-06 | 2023-06-13 |
| 1566 | Can analyzing javascript files lead to remote code execution? | Unrestricted file upload RCE | NA | Asem Eleraky (@melotover) | Bug Bounty | 2022-05-08 | 2023-06-13 |
| 1564 | RCE via Dependency Confusion | Dependency confusion | NA | Samrat Gupta (@Sm4rty_) | Bug Bounty | 2022-05-10 | 2023-06-13 |
| 1557 | New Wine in Old Bottle - Microsoft Sharepoint Post-Auth Deserialization RCE (CVE-2022-29108) | Insecure deserialization RCE | Microsoft | Nguyễn Tiến Giang (@testanull) | Bug Bounty | 2022-05-12 | 2023-06-13 |
| 1539 | Research: Auditing WordPress Plugins | SQL injection LFI XSS RCE | NA | cy//ective (@cyllective) | Bug Bounty | 2022-05-20 | 2023-06-13 |
| 1520 | 2nd RCE and XSS in Apache Struts before 2.5.30 | RCE Double OGNL evaluation XSS | Apache Struts | Chris (@mc_0wn) | Bug Bounty | 2022-05-25 | 2023-06-13 |
| 1516 | Bygone Vulnerabilities - Remote Code Execution in IBM Lotus SameTime Clients (CVE-2013-0553) | XSS RCE | IBM | Brian (@hoyahaxa) | Bug Bounty | 2022-05-27 | 2023-06-13 |
| 1515 | A Simple SQL Injection in an Air Force Website | SQL injection | U.S. Dept Of Defense | Corben Leo (@hacker_) | Bug Bounty | 2022-05-27 | 2023-06-13 |
| 1506 | From open redirect to RCE in one week | Open redirect SSRF Insecure deserialization LFI RCE | Mail.ru | byq (@ByQwert) | Bug Bounty | 2022-05-31 | 2023-06-13 |
| 1505 | SQL injection to Remote Command Execution (RCE) | SQL injection RCE | NA | Kwadwo Amoako | Bug Bounty | 2022-05-31 | 2023-06-13 |
| 1503 | Microsoft Dynamics Container Sandbox RCE via Unauthenticated Docker Remote API 20,000$ Bounty | RCE | Microsoft | Chen Cohen (@chencococococo) | Bug Bounty | 2022-06-01 | 2023-06-13 |
| 1498 | Ivanti EPM Remote Code Execution | RCE Components with known vulnerabilities | NA | Nick Berrie (@machevalia) | Bug Bounty | 2022-06-05 | 2023-06-13 |
| 1485 | CVE-2022-1040 Sophos XG Firewall Authentication bypass | Authentication bypass RCE | Sophos | Nguyễn Đình Biển (@biennd279) | Bug Bounty | 2022-06-09 | 2023-06-13 |
| 1470 | SynLapse – Technical Details for Critical Azure Synapse Vulnerability | Cross-tenant vulnerability RCE Cloud | Microsoft | Tzah Pahima (@TzahPahima) | Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1469 | Cryptographic Side-Channels (Timing Leaks) in JSBN | Cryptographic issues Side-channel attack Timing attack | Xfinity Opensource | Soatok (@SoatokDhole) | Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1468 | 403 bypass on a fortune 100 financial institution (P3) | Information disclosure Authorization flaw Forced browsing | NA | Damaidec | Bug Bounty | 2022-06-14 | 2023-06-13 |