Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
3798Google Chrome portal element fuzzing RCE Memory corruption Buffer Overflow Use-After-Free Google Pawel Wylecial (@h0wlu) Bug Bounty2019-12-062023-06-13
3793Telegram (v4.9.155353) was rendering file:// links + opening them via NSWorkspace.open -> code execution. RCE Telegram Vladimir Metnew (@vladimir_metnew) Bug Bounty2019-12-082023-06-13
37794 Google Cloud Shell bugs explained RCE Google wtm@offensi.com (@wtm_offensi) Bug Bounty2019-12-162023-06-13
3773Javascript Anti Debugging - Abusing SourceMappingURL Browser hacking Google (Chromium) Gal Weizman (@WeizmanGal) Bug Bounty2019-12-172023-06-13
3771#BugBounty — How Snapdeal (India’s Popular E-commerce Website) Kept their Users Data at Risk! Insecure storage of sensitive information Snapdeal Nanda Kumar (@nk00_nk) Bug Bounty2019-12-192023-06-13
3760How we hacked one of the worlds largest Cryptocurrency Website SQL injection RCE NA Strynx (@Strynx_Security) Bug Bounty2019-12-242023-06-13
3759Abusing ImageMagick to obtain RCE ImageTragick RCE NA Strynx (@Strynx_Security) Bug Bounty2019-12-242023-06-13
3757Microsoft Edge (Chromium) - EoP via XSS to Potential RCE XSS RCE Microsoft Abdulrahman Alqabandi (@Qab) Bug Bounty2019-12-242023-06-13
3739Exploiting Wi-Fi Stack on Tesla Model S Wifi hacking Driver hacking RCE Memory corruption Tesla Tencent Keen Security Lab Bug Bounty2020-01-022023-06-13
3735How I found a Privilege Escalation Bug in a private Ecommerce? Privilege escalation NA Baibhav Anand (@SpongeBhav) Bug Bounty2020-01-062023-06-13
3728My First RCE (Stressed Employee gets me 2x bounty) Unrestricted file upload RCE NA Abhishek Yadav (@abhishake100) Bug Bounty2020-01-102023-06-13
3724Pwning Avast Secure Browser for fun and profit RCE Command injection Avast Wladimir Palant (@WPalant) Bug Bounty2020-01-132023-06-13
3721The trouble with Microsoft’s Troubleshooters RCE MiTM Microsoft Imre Rad (@ImreRad) Bug Bounty2020-01-152023-06-13
3688Responsible Disclosure: Breaking out of a Sandboxed Editor to perform RCE RCE HackerEarth Jatin Dhankhar (@jatindhankhar_) Bug Bounty2020-02-042023-06-13
3687Critical Security Flaw Found in WhatsApp Desktop Platform Allowing Cybercriminals Read From The File System Access Stored XSS CSP bypass Open redirect RCE Meta / Facebook Gal Weizman (@WeizmanGal) Bug Bounty2020-02-042023-06-13
3678Simple Remote Code Execution Vulnerability Examples for Beginners RCE Unrestricted file upload NA Ozgur Alp (@ozgur_bbh) Bug Bounty2020-02-052023-06-13
3676How Inspect Element Got me a Bounty Client-side enforcement of server-side security NA Aditya Soni (@hetroublemakr) Bug Bounty2020-02-062023-06-13
3675IDOR leads to Data leakage and Profile Update IDOR Bruteforce NA vict0ni (@vict0ni) Bug Bounty2020-02-072023-06-13
3668CVE-2019-18426 - WhatsApp Vulnerabilities Disclosure - Open Redirect + CSP Bypass + Persistent XSS + FS read permissions + potential for RCE RCE Stored XSS CSP bypass Arbitrary file read Open redirect Security code review Meta / Facebook (WhatsApp) Gal Weizman (@WeizmanGal) Bug Bounty2020-02-142023-06-13
3664Uploading Backdoor For Fun And Profit. Unrestricted file upload RCE NA Mohammed Abdul Raheem (@mohdaltaf163) Bug Bounty2020-02-172023-06-13
3658From Recon to Optimizing RCE Results – Simple Story with One of the Biggest ICT Company in the World Information disclosure RCE NA YoKo Kho (@YokoAcc) Bug Bounty2020-02-182023-06-13
3657A Tale of Two Formats: Exploiting Insecure XML and ZIP File Parsers to Create a Web Shell XXE RCE Directory Traversal NA Eugene Lim (@spaceraccoonsec) Bug Bounty2020-02-182023-06-13
3643RCE via Apache Struts2 - Still out there. RCE NA Abhishek (@abhishake100) Bug Bounty2020-02-272023-06-13
3632ManageEngine ServiceDesk Plus: Arbitrary File Upload Arbitrary file upload RCE NA Duc Anh Bui Bug Bounty2020-03-032023-06-13
3620Broke limited scope with a chain of bugs (tips for every rider CORS) CORS misconfiguration RCE NA Valeriy Shevchenko (@Krevetk0Valeriy) Bug Bounty2020-03-092023-06-13