writeups.xyz

This Website is a collection of Information Security and Bug Bounty writeups that allows you to easily filter writeups by vulnerabilities, programs, authors, and more, making your research and exploration of security issues simpler and more efficient.

Important Note: Please remember that the inclusion of a program or target in this directory does not imply permission to conduct any hacking activities. Always review and adhere to the specific policies of each program before taking any action.

Title	Vulnerabilities	Programs	Authors
Government Emails at Risk: Critical Cross-Site Scripting Vulnerability in Roundcube Webmail	XSS Security Code Review	Roundcube	Oskar Zeino-Mahmalat
Unveiling Remote Code Execution in AI chatbot workflows 💵	AI Chatbot RCE	Undisclosed	Anurag__Verma
How I Earned $469 Bounty: Bypassing Plan Restriction	Privilege Escalation Broken Access Control	Undisclosed	Abhi Sharma (@A13h1_)
How I Got Critical P2 Bug on Google VRP	Missing Authentication Information Disclosure	Google	Kazi Hashibur Rahman
No Database No Table, how do you do MSSQL Injection?	SQL Injection	Undisclosed	Cyku (@Cyku_tw)
Auditing Atlassian Plugins, 53 0-Days Later	XSS	Atlassian	Cyllective (@Cyllective)
Beyond the Limit: Expanding single-packet race condition with a first sequence sync for breaking the 65,535 byte limit	Race Condition	Undisclosed	RyotaK (@Ryotkak)
KnowBe4 RCE and LPE	RCE Local Privilege Escalation DLL Hijacking	KnowBe4	Ceri Coburn
Account Takeover via Broken Authentication Workflow: Free Lifetime Streaming!	Broken Authentication Account Takeover	Undisclosed	Rohan Ahuja
Pwn2Own Miami: Aveva Edge Arbitrary DLL Loading Vulnerability	Arbitrary DLL Loading RCE	AVEVA	Piffd0s (@Piffd0s)
SAML Authentication Bypass Leading to Admin Panel Access	SAML Authentication Bypass	Undisclosed	Ahmed Tarek
Credential Disclosure in LastPass	Clickjacking	LastPass	Wolfgang Ettlinger
Escalating Privileges in Google Cloud via Open Groups	Cloud Privilege Escalation	Google (GCP)	Thomas Elling
Plug Security Holes in React Apps That Can Lead to API Exploitation	SSO JWT Broken Authentication Missing Authentication	Siemens	Eaton Z. (@XeEaton)
Teaching the Old .NET Remoting New Exploitation Tricks	.NET Remoting	Microsoft (.NET Framework) Apache Log4net	Markus Wulftange (@Mwulftange)
CVE-2023-42929: Why do we need the App Container Protection	TCC Bypass	Apple (MacOS)	Mickey Jin (@Patch1t)
Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRP	Account Takeover Logic Flaw	Google	Jerry1319 (@Mdhsan19)
MITMing the Xbox 360 Dashboard for Fun and RCE	MiTM RCE	Microsoft (Xbox)	Lander (@Landaire)
Stealing First Party Access Token of Facebook Users: Meta Bug Bounty	OAuth Account Takeover	Meta / Facebook	Saugat Pokharel (@Saugatscript)
A Creative Way To Get Someones YouTube Videos Deleted + A Copyright Strike Against Their YouTube Channel	IDOR Broken Access Control	Google (Youtube)	Cam (@SecretlyHidden1)
Bypass Plan Restriction & Get 350$ Bounty	Privilege Escalation	Undisclosed	Abhi Sharma (@A13h1_)
Drop the Mic (CVE-2019-1166)	NTLM MiTM Internal Pentest	Microsoft (Windows)	AJ Hammond (@4JMAN)
Oracle Retail Xstore Suite: Pre-authenticated Path Traversal	Path Traversal Security Code Review	Oracle	Louis Wolfers (@TG91aXMK) Quentin Roland (@Croco_byte)
Over 1 Million websites are at risk of sensitive information leakage - XSS is dead. Long live XSS	XSS OAuth	Hotjar	Aviad Carmel (@AviadCarmel)
Unlocking the Weak Spot: Exploiting Insecure Password Reset Tokens	Bruteforce Lack of Rate Limiting Password Reset Account Takeover	Undisclosed	Mosaad Sallam (@H0tak88r)

Page 5 of 255