writeups.xyz

This Website is a collection of Information Security and Bug Bounty writeups that allows you to easily filter writeups by vulnerabilities, programs, authors, and more, making your research and exploration of security issues simpler and more efficient.

Important Note: Please remember that the inclusion of a program or target in this directory does not imply permission to conduct any hacking activities. Always review and adhere to the specific policies of each program before taking any action.

Title	Vulnerabilities	Programs	Authors
Vulnerabilities in Homepage Dashboard	RCE SSRF CSRF Information Disclosure Jellyfin	Homepage	Daniel Kachakil
Authorization bypass due to cache misconfiguration	Authorization Bypass Access Control Bypass GraphQL	Undisclosed	Rikesh Baniya (@Rikeshbaniya)
Google AI Studio: LLM-Powered Data Exfiltration Hits Again! Quickly Fixed.	AI LLM Prompt Injection	Google (AI Studio)	Johann Rehberger (Wunderwuzzi23)
WPML Multilingual CMS Authenticated Contributor+ Remote Code Execution (RCE) via Twig Server-Side Template Injection (SSTI)	SSTI RCE Security Code Review	Wordfence	Matthew Rollings (@Stealthcopter)
From MLOps to MLOops: Exposing the Attack Surface of Machine Learning Platforms	AI RCE XSS Missing Authentication Container Escape Malicious AI Model Malicious Datasets	Jupyter Hugging Face MLflow KServe Seldon	Ori Hollander Shachar Menashe Natan Nehorai Uriya Yavnieli
SSRFing the Web with the help of Copilot Studio	SSRF	GitHub (Copilot)	Evan Grant (@Stargravy)
The Hunt for ALBeast: A Technical Walkthrough	AWS ALB Authentication Bypass Authorization Bypass	AWS	Liad Eliyahu (@Liadeliyahu)
$4,998 Bounty Awarded and 100,000 WordPress Sites Protected Against Unauthenticated Remote Code Execution Vulnerability Patched in GiveWP WordPress Plugin	RCE PHP Pop Chain PHP Object Injection Security Code Review	Wordfence	Villu Orav (@Villu164)
How 1 Exposed Honeywell API Gave us Control Over an Internal Engineering System	Missing Authentication Information Disclosure Broken Authorization Account Takeover	Honeywell	Eaton Z. (@XeEaton)
World of SELECT-only PostgreSQL Injections: (Ab)using the filesystem	SQL Injection	Undisclosed	Maksym Vatsyk
$1600 Bounty on a Main Domain	Session Fixation 2FA / MFA Bypass Information Disclosure Authentication Bypass Open Redirect	Undisclosed	Debug (@Debug50)
Another 1500$: CR/LF Injection	CRLF Injection	Undisclosed	Abhi Sharma (@A13h1_)
500$ From Meta by reporting a HTMLi(Accidental Bug)	HTML Injection	Meta / Facebook	A.R Maheer
Forced SSO Session Fixation	SSO Session Fixation Account Takeover	Undisclosed	Serj Novoselov (@Novoselov_s)
Spip Preauth RCE 2024: Part 1, The Feather	RCE Code Injection Security Code Review	SPIP	Laluka (@TheLaluka)
2FA Bypass - IDN Mischief	2FA / MFA Bypass IDN Homograph Attack	Undisclosed	Jerry Shah (@Jerry)
Addressed AWS defaults risks: OIDC, Terraform and Anonymous to AdministratorAccess	Cloud OIDC Terraform Privilege Escalation	AWS	Eduard Agavriloae (@Saw_your_packet)
CVE-2024-38213: Copy2pwn Exploit Evades Windows Web Protections	WebDAV	Microsoft (Windows)	Peter Girnus (@Gothburz)
Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD	Cloud Privilege Escalation Lateral Movement	Microsoft (Entra ID / Azure AD)	Ilan Kalendarov (@IKalendarov) Elad Beber
Oops I UDL'd it Again	Phishing	Undisclosed	Oddvar Moe (@Oddvarmoe)
Account takeover on 8 years old public program	Account Takeover Email Verification Bypass	Undisclosed	Priyanshu Shakya (@Pranshux0x)
SCCMSecrets.py: Exploiting SCCM Policies Distribution For Credentials Harvesting, Initial Access And Lateral Movement	Active Directory SCCM	Undisclosed	Quentin Roland (@Croco_byte)
Vulnerabilities in NodeJS C/C++ add-on extensions	Memory Corruption Memory Leak Out-of-Bounds Read Buffer Overflow Integer Overflow DoS Security Code Review	Node.js Third-Party Modules	Alessio Della Libera
ArtiPACKED: Hacking Giants Through a Race Condition in GitHub Actions Artifacts	Race Condition CI/CD	GitHub Google (Firebase) Microsoft AWS Red Hat Canonical (Ubuntu Adsys) OWASP	Yaron Avital (@Yaronavital)
Breaking the Barrier: Admin Panel Takeover Worth $3500	Authentication Bypass Password Reset Information Disclosure	Undisclosed	Aditya Sharma (@Assass1nmarcos)

Page 3 of 255