Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
5089Remote Code Execution in AT&T RCE SSTI Components with known vulnerabilities AT&T Corben Leo (@hacker_) Bug Bounty2017-03-102023-06-13
5088Airbnb – Ruby on Rails String Interpolation led to Remote Code Execution RCE Airbnb Brett Buerhaus (@bbuerhaus) Bug Bounty2017-03-132023-06-13
5073Pivoting from blind SSRF to RCE with HashiCorp Consul Blind XSS RCE NA Peter Adkins (@darkarnium) Bug Bounty2017-05-292023-06-13
5063How I got 5500$ from Yahoo for RCE RCE Yahoo! / Verizon Media Th3G3nt3lman (@Th3G3nt3lman) Bug Bounty2017-06-042023-06-13
5049CVE-2017-10711: Reflected XSS vulnerability in SimpleRisk – Open Source Risk Management System Reflected XSS SimpleRisk Mohamed A. Baset Bug Bounty2017-06-282023-06-13
5022May the Shells be with You - A Star Wars RCE Adventure! RCE NA Andy Gill (@ZephrFish) Bug Bounty2017-07-222023-06-13
5015How I Chained 4 vulnerabilities on GitHub Enterprise, From SSRF Execution Chain to RCE! SSRF RCE CRLF injection Insecure deserialization GitHub Orange Tsai (@orange_8361) Bug Bounty2017-07-282023-06-13
5002Secure Your Jenkins Instance Or Hackers Will Force You To! (Snapchat’s $5,000 Vulnerability) RCE LFI Exposed Jenkins instance Snapchat Ben Sadeghipour (@nahamsec) Bug Bounty2017-08-222023-06-13
4999Upgrade from LFI to RCE via PHP Sessions LFI RCE NA Julien Ahrens (@MrTuxracer) Bug Bounty2017-08-282023-06-13
4998Bypassing Rate Limit Protection by spoofing originating IP Bruteforce NA Arbaz Hussain (@ArbazKiraak) Bug Bounty2017-08-302023-06-13
4966How I could have mass uploaded from every Flickr account! Bruteforce Flickr Jazzy (@ret2got) Bug Bounty2017-10-052023-06-13
4962Exploiting Insecure Cross Origin Resource Sharing ( CORS ) | api.artsy.net CORS misconfiguration Artsy Muhammad Khizer Javed (@khizer_javed47) Bug Bounty2017-10-102023-06-13
4955Sensitive data exposure by requesting a resource with a different content type Information disclosure NA Yogendra Jaiswal (@vulnh0lic) Bug Bounty2017-10-172023-06-13
4926Taking note: XSS to RCE in the Simplenote Electron client XSS RCE Automattic Yasin Soliman (@SecurityYasin) Bug Bounty2017-11-222023-06-13
4921LFI to Command Execution: Deutche Telekom Bug Bounty LFI RCE Deutche Telekom Daniel Maksimovic Bug Bounty2017-11-302023-06-13
4919Getting a RCE — CTF Way RCE NA Rojan Rijal (@uraniumhacker) Bug Bounty2017-12-052023-06-13
4912LFI to 10 servers pwn LFI RCE NA Nirmal Dahal (@TheNittam) Bug Bounty2017-12-192023-06-13
4911Unrestricted File Upload to RCE | Bug Bounty POC RCE Meta / Facebook Muhammad Khizer Javed (@khizer_javed47) Bug Bounty2017-12-192023-06-13
4899RCE Vulnerabilite in Yahoo Subdomain! ( Yahoo! RCE via Spring Engine SSTI ) By tghawkins RCE Yahoo! / Verizon Media Mohamed Haron (@m7mdharon) Bug Bounty2018-01-052023-06-13
4887Internshala Bug in Internshala Student Partner Bruteforce Internshala Circle Ninja (@circleninja) Bug Bounty2018-01-202023-06-13
4882No RCE? Then SSH to the box! LFI Path traversal RCE NA Jasmin Laundry (@JR0ch17) Bug Bounty2018-01-252023-06-13
4864I figured out a way to hack any of Facebook’s 2 billion accounts, and they paid me a $15,000 bounty for it Bruteforce Account takeover Meta / Facebook Anand Prakash (@anandpraka_sh) Bug Bounty2018-02-092023-06-13
4853[RCE] Remote Code Execution in Wordpress iOS Application (version 9.3) RCE iOS WordPress Evan Ricafort (@evanricafort) Bug Bounty2018-02-212023-06-13
4847#BugBounty — API keys leakage, Source code disclosure in India’s largest e-commerce health care company. Path traversal NA Avinash Jain (@logicbomb_1) Bug Bounty2018-02-252023-06-13
4846How i Hacked into a bugcrowd. public program RCE NA Vishnuraj Bug Bounty2018-02-252023-06-13