Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
4604RCE Unsecure Jenkins Instance | Bug Bounty POC RCE Exposed Jenkins instance NA Muhammad Khizer Javed (@khizer_javed47) Bug Bounty2018-09-072023-06-13
4580Chain The Bugs to Pwn an Organisation ( LFI + Unrestricted File Upload = Remote Code Execution ) LFI Unrestricted file upload RCE NA Armaan Pathan (@armaancrockroax) Bug Bounty2018-09-182023-06-13
4566How I got $4000 from Visma for RCE RCE Visma Ratnadip Gajbhiye (@scspcommunity) Bug Bounty2018-09-252023-06-13
4563#BugBounty — From finding Jenkins instance to Command Execution.Secure your Jenkins Instance! RCE Exposed Jenkins instance NA Avinash Jain (@logicbomb_1) Bug Bounty2018-09-272023-06-13
4549GoogleMeetRoulette: Joining random meetings Bruteforce Logic flaw Google Martin Vigo (@martin_vigo) Bug Bounty2018-10-042023-06-13
4548Apache Struts double evaluation RCE lottery RCE Double OGNL evaluation Apache Struts Man Yue Mo (@mmolgtm) Bug Bounty2018-10-042023-06-13
4534Microsoft Edge Remote Code Execution RCE Microsoft Abdulrahman Alqabandi (@Qab) Bug Bounty2018-10-112023-06-13
4528Path traversal while uploading results in RCE Path traversal RCE NA Harsh Jaiswal (@rootxharsh) Bug Bounty2018-10-152023-06-13
4509#BugBounty — How I was able to download the Source Code of India’s Largest Telecom Service Provider including dozens of more popular websites! .git folder disclosure Source code disclosure NA Avinash Jain (@logicbomb_1) Bug Bounty2018-10-272023-06-13
4494Unauthenticated RSFTP to Command Injection Path traversal RCE NA Nicodemo Gawronski Bug Bounty2018-11-032023-06-13
4492Evernote For Windows Read Local File and Command Execute Vulnerabilities Stored XSS LFI RCE Evernote TongQing Zhu Bug Bounty2018-11-052023-06-13
4490WordPress Design Flaw Leads to WooCommerce RCE RCE Automattic (WooCommerce) Simon Scannell (@scannell_simon) Bug Bounty2018-11-062023-06-13
4461XS-Searching Google’s bug tracker to find out vulnerable source code XS-Search Information disclosure Google Luan Herrera (@lbherrera_) Bug Bounty2018-11-192023-06-13
4447Pwning eBay - How I Dumped eBay Japan%27s Website Source Code .git folder disclosure Source code disclosure Ebay David (@slashcrypto) Bug Bounty2018-11-282023-06-13
4437GitHub Desktop RCE (OSX) RCE GitHub André Baptista (@0xacb) Bug Bounty2018-12-042023-06-13
4430RCE in Hubspot with EL injection in HubL RCE HubSpot Fyoorer (@ƒyoorer) Bug Bounty2018-12-072023-06-13
4425Token Brute-Force to Account Take-over to Privilege Escalation to Organization Take-Over Account takeover Privilege escalation Bruteforce NA Plenum (@plenumlab) Bug Bounty2018-12-102023-06-13
4419Second bite on GitLab, and some interesting Ruby functions/features RCE GitLab Nyangawa Bug Bounty2018-12-122023-06-13
4411Remote Code Execution on a Facebook server LFI RCE CSRF phpMyAdmin Daniel Le Gall (@Blaklis_) Bug Bounty2018-12-142023-06-13
4402Story of my two (but actually three) RCEs in SharePoint in 2018 RCE Microsoft Soroush Dalili (@irsdl) Bug Bounty2018-12-192023-06-13
4397Client side validation strikes again: PIN code bypass ! Client-side enforcement of server-side security Authentication bypass Authorization flaw Netflix Linxo Davy (@RandoriSec) Bug Bounty2018-12-222023-06-13
4393RCE in nokia.com RCE Nokia Sampanna Chimoriya Bug Bounty2018-12-272023-06-13
4392From Hunting for a Laptop to Hunting down Remote Code Execution RCE WebDAV Asus Anil Tom (mr_4nk) Bug Bounty2018-12-272023-06-13
4383How i found web shell on AntiHack.me and Awarded Gold Coin And SWAG RCE Rudra Sarkar (@rudr4_sarkar) AntiHack.me Bug Bounty2019-01-012023-06-13
4342Magento – RCE & Local File Read with low privilege admin rights LFI RCE Path traversal Magento Daniel Le Gall (@Blaklis_) Bug Bounty2019-01-242023-06-13