Sean Yeoh (@Seanyeoh) | writeups.xyz

Title	Vulnerabilities	Programs	Authors
RCE in Progress WS_FTP Ad Hoc via IIS HTTP Modules (CVE-2023-40044)	Insecure Deserialization RCE Security Code Review	Progress (MOVEit Transfer)	Shubham Shah (@Infosec_au) Sean Yeoh (@Seanyeoh)
Exploiting an Order of Operations Bug to Achieve RCE in Oracle Opera	RCE Unrestricted File Upload Path Traversal Security Code Review	Oracle (Opera)	Shubham Shah (@Infosec_au) Sean Yeoh (@Seanyeoh) Brendan Scarvell (@Bscarvell) Jason Haddix (@Jhaddix)
Cloudflare Pages, part 1: The fellowship of the secret	Command Injection Container Escape Bash Path Injection RCE Local Privilege Escalation Information Disclosure	Cloudflare	Sean Yeoh (@Seanyeoh) James Hebden (@Devec0)
H2C Smuggling in the Wild	HTTP Request Smuggling	Undisclosed	Sean Yeoh (@Seanyeoh)
Taking over Azure DevOps Accounts with 1 Click	Subdomain Takeover Account Takeover	Microsoft	Sean Yeoh (@Seanyeoh)

Page 1 of 1