644 | Hacking a .NET API in the real world | LFI | NA | Dana Epp (@DanaEpp) | Bug Bounty | 2022-12-27 | 2023-06-13 |
616 | PandoraFMS - Pre-Auth Remote Code Execution | RCE, Path traversal, Arbitrary file upload, LFI, Security code review | PandoraFMS | esj4y (@esj4y) | Bug Bounty | 2023-01-06 | 2023-06-13 |
541 | OpenEMR - Remote Code Execution in your Healthcare System | RCE, XSS, LFI, Arbitrary file read, Security code review | OpenEMR | Dennis Brinkrolf (@DBrinkrolf) | Bug Bounty | 2023-01-26 | 2023-06-13 |
297 | LFI - An Interesting Tweak | LFI | NA | Jerry Shah (@Jerry) | Bug Bounty | 2023-03-15 | 2023-06-13 |
288 | Directory Traversal and LFI worth $400 | Path traversal | NA | Hritik Thapa | Bug Bounty | 2023-03-17 | 2023-06-13 |
275 | PHP Filter Chains: File Read From Error-based Oracle | Arbitrary file read, LFI, PHP filter chain | NA | Rémi Matasse (@_remsio_) | Bug Bounty | 2023-03-21 | 2023-06-13 |
267 | Hacking AI: System and Cloud Takeover via MLflow Exploit | LFI, RFI, RCE | MLflow | Dan McInerney (@DanHMcInerney) | Bug Bounty | 2023-03-25 | 2023-06-13 |
260 | The curl quirk that exposed Burp Suite & Google Chrome | LFI | PortSwigger, Google (Chrome) | Paul Mutton (@paulmutton) | Bug Bounty | 2023-03-28 | 2023-06-13 |
258 | A short tell of LFI from PDF link → Professor the Hunter | LFI | NA | Professor the Hunter (@bughuntar) | Bug Bounty | 2023-03-29 | 2023-06-13 |
250 | Found SSRF and LFI in Just 10 minutes of using burp! | SSRF, LFI | NA | Khaled Mohamed (@0xElkomy) | Bug Bounty | 2023-03-30 | 2023-06-13 |