| Multiple vulnerabilities in H2O ≤ 3.32.1.3 |
|
|
|
| Remote Command Execution in a Bank Server |
|
|
|
| Checkmk: Remote Code Execution by Chaining Multiple Bugs (1/3) |
|
|
|
| Visual Studio Code Jupyter Notebook RCE |
|
|
|
| GL.iNET GL-MT300N-V2 Router Vulnerabilities and Hardware Teardown |
|
|
|
| Second Order XXE Exploitation |
|
|
|
| Exploiting Distroless Images |
|
|
|
| Chaining Telegram bugs to steal session-related files. |
|
|
|
| From Shodan to RCE: That one time I hacked a Fortune 500 company. |
|
|
|
| Finding bugs to trigger Unauthenticated Command Injection in a NETGEAR router (PSV-2022–0044) |
|
|
|
| How I hacked Google to read files from their servers for free! |
|
|
|
| NodeBB 1.18.4 - Remote Code Execution With One Shot |
|
|
|
| VMware vCenter earlier versions (7.0.2.00100) has unauthorized arbitrary file read + ssrf + xss vulnerability |
|
|
|
| Write Up – Apple N/A: PII Information, Full Contact List, Main Phone No. And Main Icloud Email Extracted; Bug Patched: Arbitrary Local File Read Via Zip File And Symlinks On Ios Files App. |
|
|
|
| Riding The Inforail To Exploit Ivanti Avalanche Part 2 |
|
|
|
| Two weeks of securing Samsung devices: Part 2 |
|
|
|
| OVE-20210809-0001 Visual Studio Code .ipynb Jupyter Notebook XSS (Arbitrary File Read) |
|
|
|
| Android: Exploring vulnerabilities in WebResourceResponse |
|
|
|
| GitLab Arbitrary File Read & Write through Kroki - CVE-2021-22203 |
|
|
|
| Brave — Stealing your cookies remotely |
|
|
|
| Facebook Messenger Desktop App Arbitrary File Read |
|
|
|
| OpenEMR 5.0.1.3 Arbitrary File Actions |
|
|
|
| Firefox: How a website could steal all your cookies |
|
|
|
| CVE-2019-18426 - WhatsApp Vulnerabilities Disclosure - Open Redirect + CSP Bypass + Persistent XSS + FS read permissions + potential for RCE |
|
|
|
writeups.xyz
/
Arbitrary File Read