Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
231Pentah0wnage: Pre-Auth RCE in Pentaho Business Analytics Server RCE SSTI Authorization bypass Groovy scripting Hitachi Vantara (Pentaho) Harry Withington Bug Bounty2023-04-042023-06-13
192(CVE-2023-2017) Shopware 6 Server-side Template Injection (SSTI) via Twig Security Extension SSTI RCE Security code review Shopware Ngo Wei Lin (@Creastery) Bug Bounty2023-04-172023-06-13
190Multiple Critical Vulnerabilities In Strapi Versions <=4.7.1 Authentication bypass SSTI RCE Amazon cognito misconfiguration Information disclosure Strapi GhostCcamm (@GhostCcamm) Bug Bounty2023-04-172023-06-13
137Placeholder for Dayzzz: Abusing placeholders to extract customer informations SSTI Information disclosure GitHub Ophion Security (@OphionSecurity) Bug Bounty2023-05-012023-06-13
130When you%27re so bored, you start debugging someone else%27s code: bug hunting in a random Cloud-Native project SSTI RCE Foreman ONSEC.io Research Team Bug Bounty2023-05-032023-06-13
64Red team: Journey from RCE to have total control of cloud infrastructure RCE SSTI Container escape Kubernetes Components with known vulnerabilities CI/CD NA Quang Vo (@mr_r3bot) Bug Bounty2023-05-222023-06-13