writeups.xyz / Authentication Bypass

Title Vulnerabilities Programs Authors
The Hunt for ALBeast: A Technical Walkthrough
$1600 Bounty on a Main Domain
Breaking the Barrier: Admin Panel Takeover Worth $3500
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover
SAML Authentication Bypass Leading to Admin Panel Access
Breaking Down Barriers: Exploiting Authenticated IPC Clients
Getting Unauthenticated Remote Code Execution On The Logsign Unified Secops Platform
17 vulnerabilities in Sharp Multi-Function Printers
Looking for vulnerabilities in Strapi (CVE-2024-34065)
Molding Lies Into Reality || Exploiting CVE-2024-4358
Cache Me If You Can: Local Privilege Escalation in Zscaler Client Connector (CVE-2023-41973)
Race Condition Authentication Bypass leads to Full Account Takeover
Oauth Misconfiguration Leads to 0-Click ATO
From Discovery to Disclosure: ReCrystallize Server Vulnerabilities
Micro Services, Major Headaches: Detecting Vulnerabilities in Erxes' Microservices
Subdomain Fuzzing worth 35k bounty!
Angular-ing for AuthZ, Problematic anti-patterns in Single Sign On Systems
CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities
Bypassing a login page and getting full admin access on an internal training platform
Exploiting embedded mitel phones for unauthenticated remote code execution
SSD Advisory – TP-LINK NCXXX Authentication Bypass
Nom for Security: A Proactive Security Review of Nomulus
Auth Bypass Round Two
Jumpserver Preauth RCE Exploit Chain