Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1338 | Riding The Inforail To Exploit Ivanti Avalanche | RCE, Insecure deserialization, Race condition, Authentication bypass | Ivanti | Piotr Bazydło (@chudyPB) | Bug Bounty | 2022-07-19 | 2023-06-13 |
| 1334 | Gitlab Project Import RCE Analysis (CVE-2022-2185) | RCE | GitLab | Nguyễn Tiến Giang (@testanull) | Bug Bounty | 2022-07-21 | 2023-06-13 |
| 1331 | Pwn2Own Miami 2022: Inductive Automation Remote Code Execution | RCE, Authentication bypass | Inductive Automation Ignition | Sector 7 (@sector7_nl) | Bug Bounty | 2022-07-22 | 2023-06-13 |
| 1328 | WordPress Transposh: Exploiting a Blind SQL Injection via XSS - RCE Security | SQL injection, XSS, Account takeover | WordPress | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2022-07-22 | 2023-06-13 |
| 1316 | Outdated PHP Version leads to RCE | RCE, Old components with known vulnerabilities | NA | iamdevansharya (@iamdevansharya) | Bug Bounty | 2022-07-25 | 2023-06-13 |
| 1314 | CVE-2022–36446 — Webmin 1.996 — Remote Code Execution (RCE — Authenticated) During Install New Packages | RCE, OS command injection | Webmin | Emir Polat (@devilsgrins) | Bug Bounty | 2022-07-26 | 2023-06-13 |
| 1311 | Advisory \| Roxy-WI Unauthenticated Remote Code Executions CVE-2022-31137 | RCE, Authentication bypass | Roxy-WI | Nuri Çilengir (@ncilengir) | Bug Bounty | 2022-07-26 | 2023-06-13 |
| 1305 | Exploiting GitHub Actions on open source projects | RCE | Elastic | Rojan Rijal (@uraniumhacker) | Bug Bounty | 2022-07-26 | 2023-06-13 |
| 1300 | Researching Open Source apps for XSS to RCE flaws | XSS, RCE | NA | Aleksey Solovev | Bug Bounty | 2022-07-28 | 2023-06-13 |
| 1295 | Discord Desktop - Remote Code Execution | RCE, XSS, Sandbox bypass, CSP bypass | Discord | s1r1us (@s1r1u5_) | Bug Bounty | 2022-07-29 | 2023-06-13 |
| 1279 | QNAP Poisoned XML Command Injection (Silently Patched) | OS command injection, RCE | QNAP | Jake Baines (@Junior_Baines) | Bug Bounty | 2022-08-04 | 2023-06-13 |
| 1272 | Liferay revisited: A tale of 20k$ | RCE | NA | VNG Security Response Center (@vngsecresponse) | Bug Bounty | 2022-08-06 | 2023-06-13 |
| 1268 | From Shodan to RCE: That one time I hacked a Fortune 500 company. | Missing authentication, Arbitrary file read, RCE, Exposed Jenkins instance | NA | vimanari_ (@vimanari_) | Bug Bounty | 2022-08-08 | 2023-06-13 |
| 1265 | Dancing on the architecture of VMware Workspace ONE Access (ENG) | Authentication bypass, SQL injection, RCE | VMware | Petrus Viet (@VietPetrus) | Bug Bounty | 2022-08-09 | 2023-06-13 |
| 1264 | From Shared Dash to Root Bash :: Pre-Authenticated RCE in VMWare vRealize Operations Manager | Authentication bypass, Information disclosure, Local Privilege Escalation | VMware | Steven Seeley (@steventseeley) | Bug Bounty | 2022-08-09 | 2023-06-13 |
| 1263 | Advisory: Cisco Small Business RV Series Routers Web Filter Database Update Command Injection Vulnerability | OS command injection, RCE | Cisco | Quentin Kaiser (@QKaiser) | Bug Bounty | 2022-08-09 | 2023-06-13 |
| 1257 | Google Cloud Shell - Command Injection | OS command injection, RCE, Cloud | Google | Bugra Eskici (@bugraeskici) | Bug Bounty | 2022-08-10 | 2023-06-13 |
| 1253 | Advanced Inter-Process Desynchronization in SAP’s HTTP Server | Memory corruption, RCE, HTTP Request Smuggling, Web cache poisoning, Desync attack | SAP | Martin Doyhenard (@tincho_508) | Bug Bounty | 2022-08-10 | 2023-06-13 |
| 1251 | Mining Node.js Vulnerabilities via Object Dependence Graph and Query | RCE, OS command injection, Prototype pollution, Path traversal | NA | Song Li | Bug Bounty | 2022-08-10 | 2023-06-13 |
| 1249 | Rapid7 Discovered Vulnerabilities in Cisco ASA, ASDM, and FirePOWER Services Software | RCE, OS command injection, Local Privilege Escalation, MiTM | Cisco | Jake Baines (@Junior_Baines) | Bug Bounty | 2022-08-11 | 2023-06-13 |
| 1245 | IAM Whoever I Say IAM :: Infiltrating VMWare Workspace ONE Access Using a 0-Click Exploit | Authentication bypass, Information disclosure, CSRF, RCE, Local Privilege Escalation | VMware | Steven Seeley (@steventseeley) | Bug Bounty | 2022-08-11 | 2023-06-13 |
| 1242 | File Upload Bypass to RCE == $$$$ | Unrestricted file upload, RCE | NA | Sagar Sajeev (@Sagar__Sajeev) | Bug Bounty | 2022-08-12 | 2023-06-13 |
| 1238 | Exploiting CVE-2022-24816: A Code Injection In The Jt-jiffle Extension Of Geoserver | RCE, Code injection | NA | Remsio (@_remsio_) | Bug Bounty | 2022-08-12 | 2023-06-13 |
| 1234 | An Unusual Tale of Email Verification Bypass | Email verification bypass, Bruteforce, Rate limiting bypass | NA | Sagar Sajeev (@Sagar__Sajeev) | Bug Bounty | 2022-08-13 | 2023-06-13 |
| 1232 | How I earned a $7000 bug bounty from Grab (RCE Unique Bugs) | RCE, Android | Grab | ANDRI | Bug Bounty | 2022-08-13 | 2023-06-13 |