Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
2002A story about a not-so-direct SSRF SSRF NA Preetham Bomma (@cyber01_) Bug Bounty2021-12-122023-06-13
1984Bring Your Own SSRF – The Gateway Actuator SSRF DoS NA Wyatt Dahlenburg (@wdahlenb) Bug Bounty2021-12-202023-06-13
1977MS Teams: 1 feature, 4 vulnerabilities SSRF Information disclosure DoS Spoofing Microsoft Fabian Bräunlein Bug Bounty2021-12-222023-06-13
1971Turning bad SSRF to good SSRF: Websphere Portal SSRF HCL Technologies Shubham Shah (@infosec_au) Bug Bounty2021-12-262023-06-13
1954Fixing the Unfixable: Story of a Google Cloud SSRF SSRF Google David Schütz (@xdavidhu) Bug Bounty2021-12-312023-06-13
1936Exploiting Redash instances with CVE-2021-41192 Privilege escalation Session management issue SSRF NA Ian Carroll (@iangcarroll) Bug Bounty2022-01-062023-06-13
1917120 Days of High Frequency Hunting SSRF LFI Information disclosure Broken Access Control Authentication bypass XSS SQL injection NA Kuldeep Pandya (@kuldeepdotexe) Bug Bounty2022-01-152023-06-13
1911Stealing administrative JWT%27s through post auth SSRF (CVE-2021-22056) SSRF CSRF VMware Shubham Shah (@infosec_au) Bug Bounty2022-01-172023-06-13
1906The Tale of a Click leading to RCE RCE SSRF CatchPoint Roni Carta (@0xLupin) Bug Bounty2022-01-182023-06-13
1901120 Days of Frequent Hacking SSRF LFI Information disclosure XSS SQL injection NA Kuldeep Pandya (@kuldeepdotexe) Bug Bounty2022-01-212023-06-13
1885Stealing administrative JWT%27s through post auth SSRF (CVE-2021-22056) Windows Driver hacking Kernel DoS VMware Christopher (@Kharosx0) Bug Bounty2022-01-272023-06-13
1883Bypassing SSRF Protection to Exfiltrate AWS Metadata from LarkSuite SSRF Lark Technologies SirLeeroyJenkins (@SirLeeroyJenkin) Bug Bounty2022-01-282023-06-13
1880Multiple HTTP Redirects to Bypass SSRF Protections SSRF NA ne555 Bug Bounty2022-01-292023-06-13
1869Hacking Google Drive Integrations SSRF Dropbox Harsh Jaiswal (@rootxharsh) Bug Bounty2022-01-312023-06-13
1839CVE-2022-21703: cross-origin request forgery against Grafana CSRF SSRF Grafana Labs Julien Cretel (@jub0bs) Bug Bounty2022-02-082023-06-13
1834Oracle Server Side Request Forgery (SSRF) Metadata SSRF Oracle Lidor Ben Shitrit Bug Bounty2022-02-082023-06-13
1781Catching bugs in VMware: Carbon Black Cloud Workload Appliance and vRealize Operations Manager Authentication bypass RCE SSRF Path traversal VMware Egor Dimitrenko (@elk0kc) Bug Bounty2022-02-252023-06-13
1780SSRF & LFI In Uploads Feature SSRF LFI HTML injection NA Raymond Lind Bug Bounty2022-02-262023-06-13
1759Circumventing Browser Security Mechanisms For SSRF SSRF XSS NA HTTPVoid (@httpvoid0x2f) Bug Bounty2022-03-082023-06-13
1680Critical SSRF on Evernote SSRF Evernote Neolex (@NeolexSecurity) Bug Bounty2022-03-312023-06-13
1668Exploiting a double-edged SSRF for server and client-side impact SSRF NA Yassine Aboukir (@Yassineaboukir) Bug Bounty2022-04-032023-06-13
1666Cloud SSRF Exploitation SSRF NA Dan Barros Bug Bounty2022-04-042023-06-13
1651SSRF and Account Takeover via XSS in ERPNext (0-day) SSRF XSS Account takeover ERPNext huli (@aszx87410) Bug Bounty2022-04-062023-06-13
1640SVG SSRFs and saga of bypasses SSRF HTML injection NA Preetham Bomma (@cyber01_) Bug Bounty2022-04-112023-06-13
1604Security issues with cloudflare/odoh-server-go and the ODoH RFC draft SSRF Cloudflare Frans Rosén (@fransrosen) Bug Bounty2022-04-212023-06-13