Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 584 | 2022 Microsoft Teams RCE | RCE, Insecure deeplink, Webview | Microsoft | @adm1nkyj1 | Bug Bounty | 2023-01-16 | 2023-06-13 |
| 569 | EmojiDeploy: Smile! Your Azure web service just got RCE’d ._. | RCE, Cloud, CSRF, CORS misconfiguration | Microsoft (Azure) | Liv Matan (@terminatorLM) | Bug Bounty | 2023-01-19 | 2023-06-13 |
| 566 | CVE-2022-35690: Unauthenticated RCE In Adobe ColdFusion | RCE | Adobe | rgod | Bug Bounty | 2023-01-19 | 2023-06-13 |
| 560 | Vulnerabilities in ManageEngine ADSelfService Plus 6.1 build 6117 | RCE, OS command injection, Broken Access Control | Zoho (ManageEngine) | Antoine Cervoise (@acervoise) | Bug Bounty | 2023-01-20 | 2023-06-13 |
| 559 | Dissecting and Exploiting TCP/IP RCE Vulnerability “EvilESP” | Kernel hacking, Windows, RCE, Memory corruption, Buffer Overflow | Microsoft (Windows) | Valentina Palmiotti (@chompie1337) | Bug Bounty | 2023-01-20 | 2023-06-13 |
| 553 | How i Hacked Scopely with “Sign in with Google” | Account takeover, CORS misconfiguration, Client-side enforcement of server-side security, OAuth | Scopely | Ph.Hitachi | Bug Bounty | 2023-01-23 | 2023-06-13 |
| 551 | CVE from 2018 Strikes Again | RCE, Insecure deserialization, Thick client | NA | Colin McQueen | Bug Bounty | 2023-01-23 | 2023-06-13 |
| 549 | Using 0days to Protect the United Nations | RCE, Authentication bypass, Path traversal | United Nations | Florian Hauser (@frycos) | Bug Bounty | 2023-01-24 | 2023-06-13 |
| 548 | Exploiting Hardcoded Keys to achieve RCE in Yellowfin BI | RCE, Authentication bypass, Security code review, JWT | Yellowfin BI | Maxwell Garrett (@TheGrandPew) | Bug Bounty | 2023-01-24 | 2023-06-13 |
| 544 | MyBB <= 1.8.31: Remote Code Execution Chain | RCE, SQL injection, Stored XSS | MyBB | Aleksey Solovev | Bug Bounty | 2023-01-25 | 2023-06-13 |
| 541 | OpenEMR - Remote Code Execution in your Healthcare System | RCE, XSS, LFI, Arbitrary file read, Security code review | OpenEMR | Dennis Brinkrolf (@DBrinkrolf) | Bug Bounty | 2023-01-26 | 2023-06-13 |
| 540 | Ransacking your password reset tokens | Account takeover, Password reset, Bruteforce | Ransack library | Lukas Euler | Bug Bounty | 2023-01-26 | 2023-06-13 |
| 536 | PHP Development Server <= 7.4.21 - Remote Source Disclosure | Source code disclosure, Information disclosure, Security code review | PHP | Rahul Maini (@iamnoooob) | Bug Bounty | 2023-01-28 | 2023-06-13 |
| 535 | CVE-2022-44789 | Memory corruption, Use-After-Free, RCE, Security code review | Artifex MuJS | Alvin Ng (@alngpwn) | Bug Bounty | 2023-01-28 | 2023-06-13 |
| 534 | Adobe Acrobat Reader - resetForm - CAgg UaF - RCE Exploit - CVE-2023-21608 | Memory corruption, Use-After-Free, RCE | Adobe | Ashfaq Ansari (@HackSysTeam) | Bug Bounty | 2023-01-28 | 2023-06-13 |
| 532 | Froxlor v2.0.6 Remote Command Execution (CVE-2023-0315) | RCE, Arbitrary file write, SSTI, Security code review | Froxlor | Askar (@mohammadaskar2) | Bug Bounty | 2023-01-29 | 2023-06-13 |
| 521 | Unserializable, But Unreachable: Remote Code Execution On vBulletin | RCE, Insecure deserialization, Security code review | vBulletin | Charles Fol (@cfreal_) | Bug Bounty | 2023-01-31 | 2023-06-13 |
| 519 | Remote Command Execution in binwalk | RCE, Path traversal, Security code review | ReFirm Labs (binwalk), ubi_reader, jefferson, yaffshiv | Quentin Kaiser (@QKaiser) | Bug Bounty | 2023-01-31 | 2023-06-13 |
| 514 | RCE in Avaya Aura Device Services | RCE, Security code review, XSS, WebDAV | Avaya | Dylan Pindur | Bug Bounty | 2023-02-01 | 2023-06-13 |
| 511 | CentreStack Disclosure | Authentication bypass, Password reset, Unrestricted file upload, RCE | Gladinet (CentreStack) | Michael Rand | Bug Bounty | 2023-02-02 | 2023-06-13 |
| 509 | Exploits Explained: Java JMX’s Exploitation Problems and Resolutions | RCE | NA | Nicolas Krassas (@Dinosn) | Bug Bounty | 2023-02-02 | 2023-06-13 |
| 508 | Pre-Auth RCE in Aspera Faspex: Case Guide for Auditing Ruby on Rails | RCE, Security code review, Missing authentication, Insecure deserialization | IBM | Maxwell Garrett (@TheGrandPew) | Bug Bounty | 2023-02-02 | 2023-06-13 |
| 507 | WEEKEND DESTROYER - RCE in Western Digital PR4100 NAS | RCE, Hardcoded credentials, Privilege escalation | Western Digital | Pedro Ribeiro (@pedrib1337) | Bug Bounty | 2023-02-02 | 2023-06-13 |
| 502 | WEEKEND DESTROYER - RCE in Western Digital PR4100 NAS | RCE, Hardcoded credentials, Privilege escalation, Cryptographic issues, Security code review | Western Digital | Pedro Ribeiro (@pedrib1337) | Bug Bounty | 2023-02-02 | 2023-06-13 |
| 492 | Apache SCXML Remote Code Execution | RCE, Security code review | Apache SCXML | pyn3rd (@pyn3rd) | Bug Bounty | 2023-02-06 | 2023-06-13 |