Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 1229 | Remote Code Execution on Element Desktop Application using Node Integration in Sub Frames Bypass - CVE-2022-23597 | RCE, XSS | Matrix (Element) | s1r1us (@s1r1u5_) | Bug Bounty | 2022-08-13 | 2023-06-13 |
| 1220 | Salesforce bug hunting to Critical bug | Information disclosure, Salesforce | NA | Vuk Ivanovic | Bug Bounty | 2022-08-15 | 2023-06-13 |
| 1219 | We discovered major vulnerabilities in Control Web Panel. Here’s how we found them. | Path traversal, RCE, Weak crypto, Password reset, Account takeover | Centos Web Panel (CWP) | Immersive Labs (@immersivelabs) | Bug Bounty | 2022-08-15 | 2023-06-13 |
| 1218 | CVE-2022-30211: Windows L2TP VPN Memory Leak and Use after Free Vulnerability | Memory corruption, RCE | Microsoft | Alex Nichols (@i4mchr00t) | Bug Bounty | 2022-08-15 | 2023-06-13 |
| 1210 | RCE on Spip and Root-Me, v2! | RCE, SSTI, DNS rebinding, XSS, Code injection, Unrestricted file upload | SPIP | Laluka (@TheLaluka) | Bug Bounty | 2022-08-16 | 2023-06-13 |
| 1196 | Failed Coding Assessment to Remote Code Execution - Part 1 | RCE | HackerEarth | Akash Chhabra (@_hackingguy) | Bug Bounty | 2022-08-20 | 2023-06-13 |
| 1195 | Blind command injection | RCE, OS command injection | NA | Bartłomiej Bergier (@_bergee_) | Bug Bounty | 2022-08-21 | 2023-06-13 |
| 1188 | Paracosme - CVE-2022-33318 - Remote Code Execution in ICONICS Genesis64 | Memory corruption, RCE | ICONICS | Axel Souchet (@0vercl0k) | Bug Bounty | 2022-08-22 | 2023-06-13 |
| 1186 | But You Told Me You Were Safe: Attacking The Mozilla Firefox Renderer (Part 1) | Browser hacking, RCE, Prototype pollution | Mozilla | Hossein Lotfi (@hosselot) | Bug Bounty | 2022-08-23 | 2023-06-13 |
| 1184 | Securing Developer Tools: Argument Injection in Visual Studio Code | Argument injection, RCE | Microsoft | Thomas Chauchefoin (@swapgs) | Bug Bounty | 2022-08-23 | 2023-06-13 |
| 1179 | Crashing Industrial Control Systems at Pwn2Own Miami 2022 | DoS, Memory corruption, RCE | Unified Automation | JFrog Security Research Team (@JFrogSecurity) | Bug Bounty | 2022-08-25 | 2023-06-13 |
| 1178 | SATisfying our way into remote code execution in the OPC UA industrial stack | Memory corruption, RCE | Unified Automation | JFrog Security Research Team (@JFrogSecurity) | Bug Bounty | 2022-08-25 | 2023-06-13 |
| 1176 | Command Injection in the GitHub Pages Build Pipeline | RCE, OS command injection | GitHub | Joren Vrancken | Bug Bounty | 2022-08-25 | 2023-06-13 |
| 1173 | Break the Logic: 5 Different Perspectives in Single Page (€1500) | Client-side enforcement of server-side security, IDOR, Authorization flaw | NA | can1337 (@canmustdie) | Bug Bounty | 2022-08-26 | 2023-06-13 |
| 1171 | Tetsuji: Remote Code Execution on a GameBoy Colour 22 Years Later | RCE | Nintendo | xcellerator (@TheXcellerator) | Bug Bounty | 2022-08-27 | 2023-06-13 |
| 1163 | Out-Of-Bond Remote code Execution(RCE) on De Nederlandsche Bank N.V. with burp-suite collaborator | OS command injection, RCE | De Nederlandsche Bank | Santosh Kumar Sha (@killmongar1996) | Bug Bounty | 2022-08-28 | 2023-06-13 |
| 1160 | Blind Exploits To Rule Watchguard Firewalls | XPath injection, Memory corruption, Local Privilege Escalation, RCE | WatchGuard | Charles Fol (@cfreal_) | Bug Bounty | 2022-08-29 | 2023-06-13 |
| 1159 | Bypassing ModSecurity for RCEs | WAF bypass, Code injection, RCE | ModSecurity | Somdev Sangwan (s0md3v) | Bug Bounty | 2022-08-29 | 2023-06-13 |
| 1145 | How did we Found Log4shell on Agorapulse | Log4shell, RCE | Agorapulse | Snap Sec (@snap_sec) | Bug Bounty | 2022-09-01 | 2023-06-13 |
| 1135 | How I found my first SSRF to RCE! | IDOR, SSRF, RCE | NA | Md. Asif Hossain (@0x0asif) | Bug Bounty | 2022-09-04 | 2023-06-13 |
| 1131 | Hacking My Helium Crypto Miner | Hardcoded credentials, Missing authentication, RCE, Local Privilege Escalation | Pycom | Md. Asif Hossain (@0x0asif) | Bug Bounty | 2022-09-05 | 2023-06-13 |
| 1127 | CVE-2022-34715: More Microsoft Windows NFS V4 Remote Code Execution | RCE, Memory corruption | Microsoft | Quintin Crist | Bug Bounty | 2022-09-06 | 2023-06-13 |
| 1125 | CVE-2022-35405 Manage engines RCE (Password Manager Pro, PAM360 and Access Manager Plus) | RCE | Zoho | Vinicius Pereira (@big0x75) | Bug Bounty | 2022-09-08 | 2023-06-13 |
| 1114 | Groovy Template Engine Exploitation – Notes from a real case scenario | RCE | NA | Gianluca Baldi (@0x_nope) | Bug Bounty | 2022-09-07 | 2023-06-13 |
| 1112 | Exploiting Laravel based applications with leaked APP_KEYs and Queues | RCE | NA | Timo Müller (@mtimo44) | Bug Bounty | 2022-09-07 | 2023-06-13 |