writeups.xyz writeups.xyz / Privilege Escalation

Title Vulnerabilities Programs Authors
How I Got Multiple Privilege Escalations - The Easy Trick?
Azure HDInsight: The Sequel – Unveiling 3 New Vulnerabilities That Could Have Led to Privilege Escalations and Denial of Service
The UI Slip I Hit 750$: UI Manipulation Leading to Unauthorized Permission Changes
Azure Devops Zero-Click CI/CD Vulnerability
Sign up for Brand Collabs Manager on behalf of other page admins – Privilege Escalation
Response Manipulation Lead To Premium Feature By Normal User Reward of $500
Sys:All: How A Simple Loophole in Google Kubernetes Engine Puts Clusters at Risk of Compromise
Roles allowing to abuse Entra ID federation for persistence and privilege escalation
500$ Access Control Bug: Performed Restricted Actions in Developer Settings by low level user.
Technical Advisory – Multiple Vulnerabilities in Nagios XI
Multiple Vulnerabilities In Extreme Networks ExtremeXOS
Owncloud: details about CVE-2023-49103 and CVE-2023-49105
$9240 Bounty in 30 days Hunt Challenge
A Easy Vertical Privilege Escalation via Session Storage
Privilege Escalation In Ibm Spectrum Virtualize
Chained to hit: Discovering new vectors to gain remote and root access in SAP Enterprise Software
Cookieless DuoDrop: IIS Auth Bypass & App Pool Privesc in ASP.NET Framework (CVE-2023-36899 & CVE-2023-36560)
Privilege Escalation — Playing with the various stages of a session state
Bad.Build: A Critical Privilege Escalation Design Flaw in Google Cloud Build Enables a Supply Chain Attack
Absuing Amazon VPC CNI Plugin For Kubernetes
Story of Clickjacking on Microsoft Leads To Privilege Escalation & Account Takeover Of Admin
Critical Foswiki Vulnerablities: A Logic Error Turned Remote Code Execution
AWS CodeBuild + S3 == Privilege Escalation
Sometimes What Sounds Benign Can Bite You: An Unexpected Implication of Lambda Privileges
Patch Diffing CVE-2023-28121 to Compromise a WooCommerce