Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 269 | Exploiting prototype pollution in Node without the filesystem | Server-side prototype pollution, RCE | NA | Gareth Heyes (@garethheyes) | Bug Bounty | 2023-03-23 | 2023-06-13 |
| 268 | Joomla! CVE-2023-23752 to Code Execution | Broken Access Control, RCE | Joomla! | Jacob Baines (@Junior_Baines) | Bug Bounty | 2023-03-23 | 2023-06-13 |
| 267 | Hacking AI: System and Cloud Takeover via MLflow Exploit | LFI, RFI, RCE | MLflow | Dan McInerney (@DanHMcInerney) | Bug Bounty | 2023-03-25 | 2023-06-13 |
| 265 | How I escalated default credentials to Remote Code Execution | Default credentials, RCE | NA | Pawan Chhabria (@heybenchmarkkk) | Bug Bounty | 2023-03-26 | 2023-06-13 |
| 254 | It’s a (SNMP) Trap: Gaining Code Execution on LibreNMS | RCE, Stored XSS, Security code review | LibreNMS | Stefan Schiller (@scryh_) | Bug Bounty | 2023-03-29 | 2023-06-13 |
| 251 | Riding the Azure Service Bus (Relay) into Power Platform | RCE, Cross-tenant vulnerability, Cloud, Insecure deserialization | Microsoft (Azure) | Nick Landers (@monoxgas) | Bug Bounty | 2023-03-30 | 2023-06-13 |
| 249 | Remote Code Execution Vulnerability in Azure Pipelines Can Lead To Software Supply Chain Attack | RCE, CI/CD, Supply chain attack | Microsoft (Azure Pipelines) | Nadav Noy | Bug Bounty | 2023-03-30 | 2023-06-13 |
| 248 | Super FabriXss: From XSS to an RCE in Azure Service Fabric Explorer by Abusing an Event Tab Cluster Toggle (CVE-2023-23383) | RCE, XSS, Cloud | Microsoft (Azure) | Lidor Ben Shitrit | Bug Bounty | 2023-03-30 | 2023-06-13 |
| 240 | Finding RCE in NodeJS templating engine 'Eta' - CVE-2022-25967 | RCE, Server-side prototype pollution, Security code review | Eta | Rayhan Ahmed Niloy (@Rayhan0x01) | Bug Bounty | 2023-04-01 | 2023-06-13 |
| 233 | CyberGhostVPN - the story of finding MITM, RCE, LPE in the Linux client | RCE, MiTM, Local Privilege Escalation | CyberGhost | mmmds | Bug Bounty | 2023-04-03 | 2023-06-13 |
| 231 | Pentah0wnage: Pre-Auth RCE in Pentaho Business Analytics Server | RCE, SSTI, Authorization bypass, Groovy scripting | Hitachi Vantara (Pentaho) | Harry Withington | Bug Bounty | 2023-04-04 | 2023-06-13 |
| 210 | From listKeys to Glory: How We Achieved a Subscription Privilege Escalation and RCE by Abusing Azure Storage Account Keys | Cloud, Privilege escalation | Microsoft (Azure) | Roi Nisimi (@) | Bug Bounty | 2023-04-11 | 2023-06-13 |
| 209 | Shell in the Ghost: Ghostscript CVE-2023-28879 writeup | Buffer Overflow, Memory corruption, RCE | Ghostscript | sigabrt9 (@sigabrt9) | Bug Bounty | 2023-04-11 | 2023-06-13 |
| 208 | Pretalx Vulnerabilities: How to get accepted at every conference | Arbitrary file read, Arbitrary file write, RCE, Security code review | Pretalx | Stefan Schiller (@scryh_) | Bug Bounty | 2023-04-11 | 2023-06-13 |
| 205 | Losing control over Schneider's EcoStruxure Control Expert | RCE, Path traversal, Security code review | Schneider Electric | Ruben Santamarta (@reversemode) | Bug Bounty | 2023-04-11 | 2023-06-13 |
| 199 | How I got RCE in + 10 websites… | RCE, Security misconfiguration | NA | m4cddr (@m4cddr) | Bug Bounty | 2023-04-13 | 2023-06-13 |
| 198 | Remote Code Execution Vulnerability in Google They Are Not Willing To Fix | Dependency confusion, RCE | Google | Giraffe Security | Bug Bounty | 2023-04-14 | 2023-06-13 |
| 192 | (CVE-2023-2017) Shopware 6 Server-side Template Injection (SSTI) via Twig Security Extension | SSTI, RCE, Security code review | Shopware | Ngo Wei Lin (@Creastery) | Bug Bounty | 2023-04-17 | 2023-06-13 |
| 190 | Multiple Critical Vulnerabilities In Strapi Versions <=4.7.1 | Authentication bypass, SSTI, RCE, Amazon cognito misconfiguration, Information disclosure | Strapi | GhostCcamm (@GhostCcamm) | Bug Bounty | 2023-04-17 | 2023-06-13 |
| 182 | #BrokenSesame: Accidental ‘write’ permissions to private registry allowed potential RCE to Alibaba Cloud Database Services | Cloud, RCE, Container escape, Kubernetes, Privilege escalation, Lateral movement, Supply chain attack, Cross-tenant vulnerability | Alibaba | Ronen Shustin (@ronenshh) | Bug Bounty | 2023-04-19 | 2023-06-13 |
| 176 | CVE-2022-29844: A Classic Buffer Overflow On The Western Digital My Cloud Pro Series PR4100 | Buffer Overflow, Memory corruption, RCE | Western Digital | Luca Moro (@johncool__) | Bug Bounty | 2023-04-20 | 2023-06-13 |
| 166 | Exploits Explained: Permission misconfiguration within Salesforce JavaScript Remoting tokens used for Apex Controllers | Salesforce, Security misconfiguration, Broken Access Control | NA | Mahmoud Gamal (@Zombiehelp54) | Bug Bounty | 2023-04-21 | 2023-06-13 |
| 160 | Vocera Report Server Pwnage | RCE, Arbitrary file upload, Path traversal, Zip Slip attack | Stryker | b0yd (@rwincey) | Bug Bounty | 2023-04-24 | 2023-06-13 |
| 158 | CVE-2023-27524: Insecure Default Configuration in Apache Superset Leads to Remote Code Execution | RCE, Default Flask Secret Key, Hardcoded credentials | Apache Superset | Naveen Sunkavally | Bug Bounty | 2023-04-25 | 2023-06-13 |
| 149 | Microsoft Exchange Powershell Remoting Deserialization leading to RCE (CVE-2023-21707) | RCE, Insecure deserialization | Microsoft (Exchange) | Nguyễn Tiến Giang (@testanull) | Bug Bounty | 2023-04-28 | 2023-06-13 |