writeups.xyz / William Bowling / Vakzz (@Wcbowling)

Title	Vulnerabilities	Programs	Authors
ExifTool CVE-2021-22204 - Arbitrary Code Execution	RCE	GitLab	William Bowling / Vakzz (@Wcbowling)
Universal Deserialisation Gadget for Ruby 2.x-3.x	Insecure Deserialization Security Code Review RCE	Ruby	William Bowling / Vakzz (@Wcbowling)
GitHub Pages - Multiple RCEs via insecure Kramdown configuration - $25,000 Bounty	RCE Path Traversal	GitHub	William Bowling / Vakzz (@Wcbowling)
GitHub Gist - Account takeover via open redirect - $10,000 Bounty	Open Redirect Account Takeover	GitHub	William Bowling / Vakzz (@Wcbowling)
GitHub - RCE via git option injection (almost) - $20,000 Bounty	RCE	GitHub	William Bowling / Vakzz (@Wcbowling)

Page 1 of 1