Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
1666Cloud SSRF Exploitation SSRF NA Dan Barros Bug Bounty2022-04-042023-06-13
1660CloudKit Share Records leak the title of private iCloud files IDOR Broken Access Control Apple David Schütz (@xdavidhu) Bug Bounty2022-04-052023-06-13
1653Azure Active Directory Exposes Internal Information Cloud Information disclosure Azure AD Microsoft (Azure) Counter Threat Unit Research Team Bug Bounty2022-04-052023-06-13
1630Threat Evasion for aws:multifactorAuthPresent condition using Cloudshell MFA bypass AWS Falcnix (@falcnix) Bug Bounty2022-04-132023-06-13
1605Smashing the Modern Web Tech Stack — Part 1: The Evolving Threat Landscape in 2022 and DOM-based XSS in Cloud-Native React Apps. Open redirect XSS NA MalwareJoe Bug Bounty2022-04-212023-06-13
1604Security issues with cloudflare/odoh-server-go and the ODoH RFC draft SSRF Cloudflare Frans Rosén (@fransrosen) Bug Bounty2022-04-212023-06-13
1595Azure Monitor – Malicious KQL Query Privilege escalation Cloud Microsoft Joosua Santasalo (@SantasaloJoosua) Bug Bounty2022-04-272023-06-13
1591Wiz Research discovers "ExtraReplica"— a cross-account database vulnerability in Azure PostgreSQL Cross-tenant vulnerability Privilege escalation Authentication bypass Cloud Microsoft Shir Tamari (@shirtamari) Bug Bounty2022-04-282023-06-13
1571Cloudflare Pages, part 1: The fellowship of the secret Command injection Container escape Bash Path injection RCE Local Privilege Escalation Information disclosure Cloudflare Sean Yeoh (@seanyeoh) Bug Bounty2022-05-062023-06-13
1546Variant Cloud Analysis Default credentials NA jspin (@jespinhara) Bug Bounty2022-05-182023-06-13
1474Microsoft Azure Synapse Pwnalytics Privilege escalation Cloud Microsoft Jimi Sebree (@DinoBytes) Bug Bounty2022-06-132023-06-13
1470SynLapse – Technical Details for Critical Azure Synapse Vulnerability Cross-tenant vulnerability RCE Cloud Microsoft Tzah Pahima (@TzahPahima) Bug Bounty2022-06-142023-06-13
1464Hertzbleed Attack Side-channel attack Hardware hacking Cryptographic issues Intel Cloudflare Microsoft Yingchen Wang (@YingchenWang96) Bug Bounty2022-06-142023-06-13
1429Hyperlink Injection On IRC Cloud Hyperlink injection IRCCloud Aswin K V (@deep_marketer_) Bug Bounty2022-06-262023-06-13
1360Ability to login as google staff in Google Cloud Community Privilege escalation Google Gaurav Bhatia Bug Bounty2022-07-152023-06-13
1343Logging Passwords in Plaintext in Azure Arc Information disclosure Local Privilege Escalation Cloud Microsoft Jimi Sebree (@DinoBytes) Bug Bounty2022-07-192023-06-13
1281Hijacking email with Cloudflare Email Routing HTTP response manipulation Privilege escalation NA Albert Pedersen (@AlbertSPedersen) Bug Bounty2022-08-032023-06-13
1276Revisiting OMI: Analysis of CVE-2022-29149, a privilege escalation vulnerability in Azure OMI Local Privilege Escalation Cloud Microsoft Nir Ohfeld (@nirohfeld) Bug Bounty2022-08-052023-06-13
1266Bypassed Cloudflare’s Web Application Firewall (WAF) XSS HTML injection WAF bypass NA Ansh Vaid (@anshvaid4) Bug Bounty2022-08-092023-06-13
1257Google Cloud Shell - Command Injection OS command injection RCE Cloud Google Bugra Eskici (@bugraeskici) Bug Bounty2022-08-102023-06-13
1256How I earned a $6000 bug bounty from Cloudflare Path traversal Cloudflare ANDRI Bug Bounty2022-08-102023-06-13
1246The cloud has an isolation problem: PostgreSQL vulnerabilities affect multiple cloud vendors Privilege escalation Cross-tenant vulnerability OS command injection Local Privilege Escalation Cloud Google Microsoft Aiven Shir Tamari (@shirtamari) Bug Bounty2022-08-112023-06-13
1207You Have One New Appwntment: Exploiting iCalendar Properties in Enterprise Applications XSS SMTP injection VMware Synology Apple Microsoft Google NextCloud Eugene Lim (@spaceraccoonsec) Bug Bounty2022-08-182023-06-13
1143Azure Synapse: Local Privilege Escalation Vulnerability in Spark Race condition Local Privilege Escalation Cloud Microsoft Tzah Pahima (@TzahPahima) Bug Bounty2022-09-012023-06-13
1060AttachMe: critical OCI vulnerability allows unauthorized access to customer cloud storage volumes Cloud Cross-tenant vulnerability Authorization flaw Oracle Elad Gabay (@eladgabay_) Bug Bounty2022-09-202023-06-13