Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1463 | [BugTales] UnZiploc: From 0-click To Platform Compromise | Memory corruption, Logic flaw, RCE, Local Privilege Escalation | Huawei | Daniel Komaromy (@kutyacica) | Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1462 | Privilege Escalation in AKS Clusters | Privilege escalation | Microsoft | Anneke Breust | Bug Bounty | 2022-06-15 | 2023-06-13 |
| 1460 | Amazon Linux "log4j hotpatch" <1.3-5 local privilege escalation to root (race condition) | Local Privilege Escalation | Amazon | Justin Steven (@justinsteven) | Bug Bounty | 2022-06-15 | 2023-06-13 |
| 1455 | Chaining MFA-Enabled IAM Users with IAM Roles for Potential Privilege Escalation in AWS | Privilege escalation | AWS | Jason Kao | Bug Bounty | 2022-06-16 | 2023-06-13 |
| 1445 | Hacking into the worldwide Jacuzzi SmartTub network | SPA, Android, JWT, Privilege escalation, Mass assignment | Jacuzzi Group SmartTub | Eaton Z. (@XeEaton) | Bug Bounty | 2022-06-20 | 2023-06-13 |
| 1419 | FabricScape: Escaping Service Fabric and Taking Over the Cluster | Container escape, Local Privilege Escalation, Cross-tenant vulnerability | Microsoft | Unit 42 (@Unit42_Intel) | Bug Bounty | 2022-06-28 | 2023-06-13 |
| 1406 | Get root on macOS 12.3.1: proof-of-concepts for Linus Henze's CoreTrust and DriverKit bugs (CVE-2022-26766, CVE-2022-26763) | Signature validation bypass, Memory corruption, Local Privilege Escalation, MacOS | Apple | Zhuowei Zhang (@zhuowei) | Bug Bounty | 2022-07-02 | 2023-06-13 |
| 1403 | Vertical Privilege Escalation: The user can takeover an admin account via response manipulation | Privilege escalation, HTTP response manipulation | NA | Jan Muhammad Zaidi (@hasanakajan) | Bug Bounty | 2022-07-02 | 2023-06-13 |
| 1400 | We Hacked Larksuite For 1 month and Here is what we found | XSS, IDOR, Privilege escalation, Broken Access Control, CSRF, 40x bypass | Lark Technologies | Snap Sec (@snap_sec) | Bug Bounty | 2022-07-04 | 2023-06-13 |
| 1399 | Rediscovering Epic Games 0-Days (Forever Unpatched?) | Local Privilege Escalation | Epic Games | Christopher Vella (@Kharosx0) | Bug Bounty | 2022-07-06 | 2023-06-13 |
| 1394 | Interesting Privilege Escalation In an Old Private Program | Privilege escalation | NA | Zunaid Mahmud (@SZ_Mahmud_7) | Bug Bounty | 2022-07-07 | 2023-06-13 |
| 1383 | Exploiting Authentication in AWS IAM Authenticator for Kubernetes | Authentication flaw, Privilege escalation | AWS | Gafnit Amiga (@gafnitav) | Bug Bounty | 2022-07-11 | 2023-06-13 |
| 1377 | Microsoft Azure Site Recovery DLL Hijacking | DLL Hijacking, Privilege escalation | Microsoft | Jimi Sebree (@DinoBytes) | Bug Bounty | 2022-07-12 | 2023-06-13 |
| 1376 | CVE-2022-32223 Discovery: DLL Hijacking via npm CLI | DLL Hijacking, Privilege escalation | Node.js | Yakir Kadkoda | Bug Bounty | 2022-07-12 | 2023-06-13 |
| 1371 | Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 | Local Privilege Escalation | Apple | Microsoft 365 Defender Research Team | Bug Bounty | 2022-07-13 | 2023-06-13 |
| 1362 | Exploiting Arbitrary Object Instantiations in PHP without Custom Classes | Lack of rate limiting, Privilege escalation, IDOR, Account takeover | NA | Muhammad Talha / evilmango | Bug Bounty | 2022-07-15 | 2023-06-13 |
| 1360 | Ability to login as google staff in Google Cloud Community | Privilege escalation | Google | Gaurav Bhatia | Bug Bounty | 2022-07-15 | 2023-06-13 |
| 1345 | Pwn2Own Miami 2022: OPC UA .NET Standard Trusted Application Check Bypass | Local Privilege Escalation | OPC Foundation | Sector 7 (@sector7_nl) | Bug Bounty | 2022-07-19 | 2023-06-13 |
| 1343 | Logging Passwords in Plaintext in Azure Arc | Information disclosure, Local Privilege Escalation, Cloud | Microsoft | Jimi Sebree (@DinoBytes) | Bug Bounty | 2022-07-19 | 2023-06-13 |
| 1341 | CVE-2022-30526 (Fixed): Zyxel Firewall Local Privilege Escalation | Local Privilege Escalation | Zyxel | Jake Baines (@Junior_Baines) | Bug Bounty | 2022-07-19 | 2023-06-13 |
| 1336 | [CVE-2022-34918] A crack in the Linux firewall | Memory corruption, Local Privilege Escalation | Linux Kernel Organization | Arthur Mongodin | Bug Bounty | 2022-07-20 | 2023-06-13 |
| 1320 | Deep understand ASPX file handling and some related attack vectors | Local Privilege Escalation, WAF bypass | Microsoft | Rskvp93 (@rskvp93) | Bug Bounty | 2022-07-25 | 2023-06-13 |
| 1293 | My Second CVE (CVE-2022-31855) | OS command injection, Local Privilege Escalation | RStudio | y0ung_dst (@Y0ung_MA) | Bug Bounty | 2022-07-30 | 2023-06-13 |
| 1285 | Multiple bugs in one program leads to 1500€ | Privilege escalation, IDOR, Authorization flaw | NA | can1337 (@canmustdie) | Bug Bounty | 2022-08-02 | 2023-06-13 |
| 1281 | Hijacking email with Cloudflare Email Routing | HTTP response manipulation, Privilege escalation | NA | Albert Pedersen (@AlbertSPedersen) | Bug Bounty | 2022-08-03 | 2023-06-13 |