writeups.xyz / Ngo Wei Lin (@Creastery)

Title	Vulnerabilities	Programs	Authors
Send()-ing Myself Belated Christmas Gifts - GitHub.com's Environment Variables & GHES Shell	RCE Unsafe Reflection Security Code Review	GitHub	Ngo Wei Lin (@Creastery)
(CVE-2023-2017) Shopware 6 Server-side Template Injection (SSTI) via Twig Security Extension	SSTI RCE Security Code Review	Shopware	Ngo Wei Lin (@Creastery)
CS-Cart PDF Plugin Unauthenticated Command Injection	RCE OS Command Injection Security Code Review	CS-Cart	Ngo Wei Lin (@Creastery)
Microsoft Azure Account Takeover via DOM-based XSS in Cosmos DB Explorer	Account Takeover DOM XSS	Microsoft (Azure)	Ngo Wei Lin (@Creastery)

Page 1 of 1