writeups.xyz

This Website is a collection of Information Security and Bug Bounty writeups that allows you to easily filter writeups by vulnerabilities, programs, authors, and more, making your research and exploration of security issues simpler and more efficient.

Important Note: Please remember that the inclusion of a program or target in this directory does not imply permission to conduct any hacking activities. Always review and adhere to the specific policies of each program before taking any action.

Title	Vulnerabilities	Programs	Authors
Front-End Frameworks: When Bypassing Built-in Sanitization Might Backfire	Client-Side Path Traversal XSS Security Code Review	Firefly III	Stefan Schiller (@Scryh_)
CVE-2024-38428 Wget Vulnerability: All you need to know	SSRF MiTM Phishing Data Leak Security Code Review	GNU Wget	Goni Golan
How I Got $150 on HackerOne for My First Bug	2FA / MFA Bypass	Undisclosed	Likith Teki (@Likith_teki)
Stored XSS in LibreOffice	Stored XSS	LibreOffice	Aayush Kumar (@Bunny_0417)
How I got my first $13500 bounty through Parameter Polluting (HPP)	IDOR XSS	Undisclosed	RAmpancist
How i hacked NASA? at NASA VDP	RCE Code Injection	NASA	Fadhli Almunawar
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources	Cloud RCE DoS Account Takeover Information Disclosure	AWS	Yakir Kadkoda Ofek Itach Michael Katchinskiy
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!	Confusion Attack RCE XSS Access Control Bypass Authentication Bypass SSRF	Apache HTTP Server ModSecurity Redmine	Orange Tsai (@Orange_8361)
Git-Syncing into Trouble: Exploring Command Injection Flaws in Kubernetes	Command Injection	Kubernetes	Tomer Peled (@Tomerpeled92)
Gotta cache 'em all: bending the rules of web cache exploitation	Web Cache Poisoning Web Cache Deception	Undisclosed	Martin Doyhenard (@Tincho_508)
Persistent XSS on Microsoft Bing.com by poisoning Bingbot indexing	Stored XSS	Microsoft (Bing)	Supakiad S. (@Supakiad_Mee)
Exploring Anti-Phishing Measures in Microsoft 365	Phishing	Microsoft	William Moody
Listen to the whispers: web timing attacks that actually work	Timing Attack SSRF WAF Bypass Reverse Proxy Misconfiguration	Undisclosed	James Kettle (@Albinowax)
Living off the VPN — Exploring VPN Post-Exploitation Techniques	Hardcoded Secrets Credentials Sent Over Unencrypted Channel	Ivanti (Connect Secure) Fortinet (Fortigate VPN)	Ori David (@Oridavid123)
Splitting the email atom: exploiting parsers to bypass access controls	Web Cache Poisoning Web Cache Deception	Undisclosed	Gareth Heyes (@Garethheyes)
The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover	GraphQL IDOR Authentication Bypass Account Takeover	Undisclosed	Oussama Rahali (@Ourahali)
UnOAuthorized: Privilege Elevation Through Microsoft Applications	Cloud Privilege Escalation	Microsoft (Entra ID / Azure AD)	Eric Woodruff (@Ericonidentity)
Exploiting Lambda Functions for Fun and Profit	Serverless AWS Lambda Misconfiguration	Undisclosed	Max Rattray Siddhant Kalgutkar
Github Actions Exploitation: Dependabot	CI/CD Arbitrary Code Push Security Code Review	Spring TRPC	Hugo Vincent (@Hugow_vincent)
My First Bug Bounty: CORS Misconfiguration	CORS Misconfiguration	Undisclosed	R0b0ts (@Gimhyeo52126424)
Race Condition About The User Version and Ignored	Payment Bypass Race Condition	Undisclosed	R0b0ts (@Gimhyeo52126424)
Vestaboard: Exploring Broken Access Controls and Privilege Escalation	Broken Access Control Privilege Escalation	Vestaboard	Tyler Ramsbey (@Tyler_Ramsbey)
AI Under Siege: Discovering and Exploiting Vulnerabilities	AI Prompt Injection CSRF Markdown Injection OAuth	Undisclosed	Mosaad Sallam (@H0tak88r) Mohamed Walid (@L0daW)
CSWSH Meets LLM Chatbots	LLM Chatbot Websockets Cross-Site WebSocket Hijacking (CSWH)	Undisclosed	Sachin Sharma
Exploiting authorization by nonce in WordPress plugins	RCE Arbitrary File Upload SQL Injection Security Code Review	Wordfence	Bartek Nowotarski

Page 4 of 255