Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
770A Real World Example Of Classic Remote Command Execution (RCE) OS command injection XSS RCE NA Bhashit Pandya (@x30r_) Bug Bounty2022-11-262023-06-13
745Command Injection in Asus M25 NAS OS command injection Source code disclosure Asus Quentin Kaiser (@QKaiser) Bug Bounty2022-12-012023-06-13
660Puckungfu: A NETGEAR WAN Command Injection OS command injection Security code review Netgear McCaulay Hudson (@_mccaulay) Bug Bounty2022-12-222023-06-13
620Cacti: Unauthenticated Remote Code Execution RCE Authentication bypass OS command injection Security code review Cacti Stefan Schiller (@scryh_) Bug Bounty2023-01-032023-06-13
596SSH key injection in Google Cloud Compute Engine [Google VRP] OS command injection RCE Google Sivanesh Ashok (@sivaneshashok) Bug Bounty2023-01-122023-06-13
560Vulnerabilities in ManageEngine ADSelfService Plus 6.1 build 6117 RCE OS command injection Broken Access Control Zoho (ManageEngine) Antoine Cervoise (@acervoise) Bug Bounty2023-01-202023-06-13
542Kamailio’s exec module considered harmful OS command injection SIP Kamailio Ali Norouzi Bug Bounty2023-01-262023-06-13
437Facebook bug: A Journey from Code Execution to S3 Data Leak RCE OS command injection Meta / Facebook Bipin Jitiya (@win3zz) Bug Bounty2023-02-162023-06-13
390The Tale of a Command Injection by Changing the Logo RCE OS command injection Unrestricted file upload Directory listing HTTP response manipulation NA 0xrz (@omidxrz) Bug Bounty2023-02-262023-06-13
385$10.000 bounty for exposed .git to RCE .git folder disclosure RCE OS command injection NA Lev Shmelev Bug Bounty2023-02-272023-06-13
359CS-Cart PDF Plugin Unauthenticated Command Injection RCE OS command injection Security code review CS-Cart Ngo Wei Lin (@Creastery) Bug Bounty2023-03-032023-06-13
332PwnAgent: A One-Click WAN-side RCE in Netgear RAX Routers with CVE-2023-24749 RCE OS command injection Security code review Netgear Zion Basque (@mahal0z) Bug Bounty2023-03-082023-06-13
328The Silent Spy Among Us: Modern Attacks Against Smart Intercoms IoT OS command injection Missing authentication MiTM SIP Akuvox Claroty%27s Team82 (@Claroty) Bug Bounty2023-03-092023-06-13
314The story of how I was able to chain SSRF with Command Injection Vulnerability SSRF OS command injection RCE NA Raj Qureshi (@RajQureshi9) Bug Bounty2023-03-122023-06-13
299Backend Parameter Injection --> RCE RCE HTTP parameter pollution OS command injection NA Austin (@systemdumb) Bug Bounty2023-03-142023-06-13
139Azure Devops CICD Pipelines - Command Injection With Parameters, Variables And A Discussion On Runner Hijacking CI/CD OS command injection RCE Microsoft (Azure DevOps Pipelines) Sana Oshika (@bigshika) Bug Bounty2023-05-012023-06-13
120Bullied by Bugcrowd over Kape CyberGhost disclosure Local Privilege Escalation OS command injection Security code review Kape (CyberGhost) Ceri Coburn (@_ethicalchaos_) Bug Bounty2023-05-052023-06-13
91Triple Threat: Breaking Teltonika Routers Three Ways IoT RCE OS command injection SSRF XSS Teltonika Roni Gavrilov Bug Bounty2023-05-152023-06-13
87Unauthenticated Remote Command Execution in Multiple WAGO Products RCE OS command injection Security code review WAGO Quentin Kaiser (@QKaiser) Bug Bounty2023-05-162023-06-13
86Hardcore RCE via directory name for $3.000 RCE OS command injection Security code review NA Lev Shmelev Bug Bounty2023-05-162023-06-13
75Blind OS Command Injection via Activation Request OS command injection NA Arumusutakimu (@arumusutakimu) Bug Bounty2023-05-182023-06-13
74Blind OS Command Injection via Activation Request Memory corruption Buffer Overflow Out-of-bounds Read VMware Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss) Bug Bounty2023-05-182023-06-13
41an offensive look at docker desktop extensions OS command injection Container security Docker Leon Jacobs (@leonjza) Bug Bounty2023-05-302023-06-13
22SSD Advisory – Roundcube MarkAsJunk RCE RCE OS command injection Security code review Roundcube Selim Enes Karaduman (@Enesdex) Bug Bounty2023-06-062023-06-13