Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
282SSTI leads to RCE on PyroCMS SSTI RCE PyroCMS cupc4k3 Bug Bounty2023-03-202023-06-13
281JMX Exploitation Revisited RCE JMX NA Markus Wulftange (@mwulftange) Bug Bounty2023-03-202023-06-13
280Credit card statement disclosure vulnerability in Viseca%27s eXpense portal IDOR Viseca Pentagrid (@pentagridsec) Bug Bounty2023-03-202023-06-13
279Parallels Desktop Toolgate Vulnerability Path traversal Arbitrary file write Security code review Thick client Parallels Alexandre Adamski (@NeatMonster_) Bug Bounty2023-03-202023-06-13
278Bypassing CloudTrail in AWS Service Catalog, and Other Logging Research Cloud CloudTrail bypass AWS Nick Frichette (@frichette_n) Bug Bounty2023-03-202023-06-13
277How I got access to Essilor International company customer PII INFO by AWS metadata access through SSRF SSRF NA Santosh Kumar Sha (@killmongar1996) Bug Bounty2023-03-212023-06-13
276Windows Installer EOP (CVE-2023-21800) Local Privilege Escalation Microsoft (Windows) Adrian Denkiewicz Bug Bounty2023-03-212023-06-13
275PHP Filter Chains: File Read From Error-based Oracle Arbitrary file read LFI PHP filter chain NA Rémi Matasse (@_remsio_) Bug Bounty2023-03-212023-06-13
274Improper Privilege Management in Grails Spring Security Core <= 5.1.0 (CVE-2022-41923) Privilege escalation Authorization bypass Grails Benjamin Sepe (@Butanal_C4H8O) Bug Bounty2023-03-212023-06-13
273Expression DoS Vulnerability Found In Spring - CVE-2023-20861 DoS Spring Dan Glendowne Bug Bounty2023-03-222023-06-13
272Story of a Beautiful Account Takeover. Account takeover OTP bypass NA Ambush Neupane (@N_ambush) Bug Bounty2023-03-232023-06-13
271Finding Initial Access on a real life Penetration Test Old components with known vulnerabilities Internal pentest RCE NA Warren Butterworth (@w88ugs) Bug Bounty2023-03-232023-06-13
270Escalating Privileges with Azure Function Apps Privilege escalation Cloud Container escape RCE Microsoft (Azure) Karl Fosaaen (@kfosaaen) Bug Bounty2023-03-232023-06-13
269Exploiting prototype pollution in Node without the filesystem Server-side prototype pollution RCE NA Gareth Heyes (@garethheyes) Bug Bounty2023-03-232023-06-13
268Joomla! CVE-2023-23752 to Code Execution Broken Access Control RCE Joomla! Jacob Baines (@Junior_Baines) Bug Bounty2023-03-232023-06-13
267Hacking AI: System and Cloud Takeover via MLflow Exploit LFI RFI RCE MLflow Dan McInerney (@DanHMcInerney) Bug Bounty2023-03-252023-06-13
266CVE-2023–1410 : Stored XSS in the Graphite Function Description tooltip Stored XSS Grafana Labs Aswin K V (@deep_marketer_) Bug Bounty2023-03-252023-06-13
265How I escalated default credentials to Remote Code Execution Default credentials RCE NA Pawan Chhabria (@heybenchmarkkk) Bug Bounty2023-03-262023-06-13
264My Journey to Nokia Hall of Fame in just 10 minutes DOM XSS Open redirect Nokia Rajdip Bug Bounty2023-03-272023-06-13
263Using an Undocumented Amplify API to Leak AWS Account IDs Cloud Information disclosure AWS Nick Frichette (@frichette_n) Bug Bounty2023-03-272023-06-13
262My First Bug, Open redirect at Epic Games → $500 Bounty Open redirect Epic Games Professor the Hunter (@bughuntar) Bug Bounty2023-03-272023-06-13
261Dynamic Linking Injection and LOLBAS Fun DLL Hijacking Dynamic-linking injection Local Privilege Escalation NA Joseph Henry Bug Bounty2023-03-282023-06-13
260The curl quirk that exposed Burp Suite & Google Chrome LFI PortSwigger Google (Chrome) Paul Mutton (@paulmutton) Bug Bounty2023-03-282023-06-13
259High severity vulnerability fixed in WordPress Elementor Pro plugin. Broken Access Control Privilege Escalation Security code review Elementor Jerome Bruandet Bug Bounty2023-03-282023-06-13
258A short tell of LFI from PDF link → Professor the Hunter LFI NA Professor the Hunter (@bughuntar) Bug Bounty2023-03-292023-06-13