Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 491 | Discovering a weakness leading to a partial bypass of the login rate limiting in the AWS Console | Rate limiting bypass, Bruteforce | AWS | Christophe Tafani-Dereeper (@christophetd) | Bug Bounty | 2023-02-06 | 2023-06-13 |
| 486 | Code Injection via Python Sandbox Escape — how I got a shell inside a network. | Code injection, RCE | NA | Viktor Mares | Bug Bounty | 2023-02-07 | 2023-06-13 |
| 485 | [CVE-2023-22855] Kardex MLOG - Insecure path join to RCE via SSTI | RCE, SSTI, Security code review | NA | Patrick Hener (@C1sc01) | Bug Bounty | 2023-02-07 | 2023-06-13 |
| 479 | Pwn2Owning Two Hosts At The Same Time: Abusing Inductive Automation Ignition’s Custom Deserialization | Insecure deserialization, RCE, Security code review | Inductive Automation Ignition | Piotr Bazydło (@chudyPB) | Bug Bounty | 2023-02-08 | 2023-06-13 |
| 478 | Exploit Development – A Sincere Form of Flattery | MS-RPC, RCE | NA | moth | Bug Bounty | 2023-02-09 | 2023-06-13 |
| 475 | How I got $$$$ Bounty within 5 mins | RCE, Components with known vulnerabilities | NA | Hashir Khan (@P4n7h3Rx) | Bug Bounty | 2023-02-09 | 2023-06-13 |
| 469 | Disabling js for the win | Unrestricted file upload, RCE | NA | Vuk Ivanovic | Bug Bounty | 2023-02-10 | 2023-06-13 |
| 459 | Exploiting A Remote Heap Overflow With A Custom TCP Stack | Memory corruption, RCE | Western Digital | Etienne Helluy-Lafont | Bug Bounty | 2023-02-13 | 2023-06-13 |
| 451 | Securing Open-Source Solutions: A Study of osTicket Vulnerabilities | Stored XSS, Reflected XSS, SQL injection, Session fixation | osTicket | Miguel Correia | Bug Bounty | 2023-02-14 | 2023-06-13 |
| 446 | Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute escape vulnerability (CVE-2022-44666) (0day). | RCE | Microsoft (Windows) | j00sean (@j00sean) | Bug Bounty | 2023-02-15 | 2023-06-13 |
| 442 | Server side prototype pollution, how to detect and exploit | Server-side prototype pollution, RCE | NA | BitK (@BitK_) | Bug Bounty | 2023-02-15 | 2023-06-13 |
| 441 | Server-side prototype pollution: Black-box detection without the DoS | Server-side prototype pollution, RCE | NA | Gareth Heyes (@garethheyes) | Bug Bounty | 2023-02-15 | 2023-06-13 |
| 439 | Hacking Apple: Two Successful Exploits and Positive Thoughts on their Bug Bounty Program | RCE, Security misconfiguration | Apple | Joe Gregg (@infiltrateops) | Bug Bounty | 2023-02-16 | 2023-06-13 |
| 437 | Facebook bug: A Journey from Code Execution to S3 Data Leak | RCE, OS command injection | Meta / Facebook | Bipin Jitiya (@win3zz) | Bug Bounty | 2023-02-16 | 2023-06-13 |
| 434 | Found an URL in the android application source code which lead to an IDOR | Android, Information disclosure, IDOR | NA | Vengeance | Bug Bounty | 2023-02-18 | 2023-06-13 |
| 424 | ClamAV Critical Patch Review | RCE, Memory corruption, Buffer Overflow, XXE, Security code review | ClamAV | ONEKEY (@onekey_sec) | Bug Bounty | 2023-02-21 | 2023-06-13 |
| 421 | Multiple vulnerabilities in Dell Unisphere for PowerMax vApp, VASA Provider vApp and Solutions Enabler vApp CVE-2022-45103 / CVE-2022-45104 | Parameter injection, Arbitrary file read, RCE | Dell | Antoine Carrincazeaux | Bug Bounty | 2023-02-21 | 2023-06-13 |
| 419 | Taking over “Google Cloud Shell” by utilizing capabilities and Kubelet | Container escape, RCE, Kubernetes | NA | Chen Shiri (@ChenShiri73) | Bug Bounty | 2023-02-21 | 2023-06-13 |
| 413 | Unauthenticated RCE in Goanywhere | Insecure deserialization, RCE, Security code review | Fortra (GoAnywhere) | Youssef Muhammad (@yosef0x1) | Bug Bounty | 2023-02-22 | 2023-06-13 |
| 407 | LogicalDOC Vulnerability Disclosure | XXE, RCE, Command injection, Privilege escalation | LogicalDOC | Brett DeWall (@xbadbiddyx) | Bug Bounty | 2023-02-23 | 2023-06-13 |
| 390 | The Tale of a Command Injection by Changing the Logo | RCE, OS command injection, Unrestricted file upload, Directory listing, HTTP response manipulation | NA | 0xrz (@omidxrz) | Bug Bounty | 2023-02-26 | 2023-06-13 |
| 388 | How did I found RCE on SHAREit which rewarded $$$ bounty | Log4shell, RCE | SHAREit | Suprit Pandurangi | Bug Bounty | 2023-02-26 | 2023-06-13 |
| 385 | $10.000 bounty for exposed .git to RCE | .git folder disclosure, RCE, OS command injection | NA | Lev Shmelev | Bug Bounty | 2023-02-27 | 2023-06-13 |
| 384 | The Vulnerability That Exposed an UN Website to Remote Code Execution | Components with known vulnerabilities, OGNL injection, RCE | United Nations | Mullangisashank | Bug Bounty | 2023-02-27 | 2023-06-13 |
| 383 | VMware Workspace One Access RCE | Java Beans, Security code review | VMware | Steven Seeley (@steventseeley) | Bug Bounty | 2023-02-27 | 2023-06-13 |