| RCE via LFI Log Poisoning - The Death Potion |
|
|
|
| SSTI to Local File Read |
|
|
|
| SD-PWN Part 4 — VMware VeloCloud — The Last Takeover |
|
|
|
| Leveraging XSS to Read Internal Files |
|
|
|
| Leveraging LFI to RCE in a website with +20000 users |
|
|
|
| How I hacked redbus [An online bus-ticketing application] |
|
|
|
| $$ Bounties for Unauthenticated file read in Cisco ASA CVE-2020–3452 |
|
|
|
| How I was able to find easy P1 just by doing Recon |
|
|
|
| Don’t stop at one bug $$$$ |
|
|
|
| Local file read via XSS using PDF generate functionality |
|
|
|
| Client, not client! |
|
|
|
| My First LFI |
|
|
|
| How I escalated RFI into LFI |
|
|
|
| Bug Bounty - Information Disclosure through error message + WAF Bypass led to Local File Inclusion |
|
|
|
| Local File Inclusion in peering.google.com |
|
|
|
| WRITE UP – GOOGLE BUG BOUNTY: LFI ON PRODUCTION SERVERS in “springboard.google.com” – $13,337 USD |
|
|
|
| The journey of Web Cache + Firewall Bypass to SSRF to AWS credentials compromise! |
|
|
|
| Chain of hacks leading to Database Compromise! |
|
|
|
| LFI in Apigee portals |
|
|
|
| Magento – RCE & Local File Read with low privilege admin rights |
|
|
|
| Abusing MySQL clients to get LFI from the server/client |
|
|
|
| Exploiting SSRF like a Boss — Escalation of an SSRF to Local File Read! |
|
|
|
| Evernote For Windows Read Local File and Command Execute Vulnerabilities |
|
|
|
| Arbitrary File Read in one of the largest CRMs |
|
|
|
| Local file inclusion at IKEA.com |
|
|
|
writeups.xyz
/
LFI