RFI | writeups.xyz

Title	Vulnerabilities	Programs	Authors
Unmasking an RFI to LFI Escalation	RFI LFI DoS	Undisclosed	Laburity Research Team
Sony Bravia Remote Code Execution Disclosure	RCE Unrestricted File Upload RFI	Sony	Brett DeWall (@Xbadbiddyx) Michael Rand
Hacking AI: System and Cloud Takeover via MLflow Exploit	LFI RFI RCE	MLflow	Dan McInerney (@DanHMcInerney)
Remote code execution in BIRT Viewer ≤ 4.12.0 (CVE-2023-0100)	RCE RFI URL Validation Bypass Security Code Review	Eclipse Foundation	Louis Wolfers (@TG91aXMK)
How I found multiple critical bugs in Red Bull	Authentication Bypass HTTP Response Manipulation Path Traversal LFI XSS SQL Injection RCE Unrestricted File Upload RFI Security Code Review	Red Bull	Bartłomiej Bergier (@_Bergee_)
URL filter bypass, RFI and XSS	Stored XSS RFI	Undisclosed	Bartłomiej Bergier (@_Bergee_)
How I escalated RFI into LFI	RFI LFI	Undisclosed	Hassan Khan Yusufzai (@Splint3r7)
The Unusual Case of Status code- 301 Redirection to AWS Security Credentials Compromise	SSRF RFI	Undisclosed	Avinash Jain (@Logicbomb_1)
How I Hacked Fotor & Got “Nothing”	SSRF RFI	Fotor	Somdev Sangwan (S0md3v)
Hacking Magento eCommerce For Fun And 17.000 USD	Information Disclosure LFI RFI	Adobe	Egidio Romano / EgiX
How I got access to millions of [redacted] accounts	RFI	Undisclosed	Bitquark (@Bitquark)

Page 1 of 1