How 2 Cute Bugs offered me a reward of 650€
How I Got 4 SQLI Vulnerabilities At One Target Manually Using The Repeater Tab
Hacking into gRPC-Web
Implement a Blind Error-Based SQLMap payload for SQLite
(CVE-2023-32530) Trend Micro Apex Central 2019 (<= Build 6016) Authenticated RCE
My first Critical on hackerone with a $6,400 bounty — SQL Injection
Chained to hit: Discovering new vectors to gain remote and root access in SAP Enterprise Software
Chaining our way to Pre-Auth RCE in Metabase (CVE-2023-38646)
CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability
Unexpected Zero in MySQL Injection
CVE-2023-36934 Analysis: MOVEit Transfer SQL Injection
Why ORMs and Prepared Statements Can't (Always) Win
How I found a SQL Injection bug in using my cellphone.
My First Bug is RCE via SQL injection!
AWS WAF Clients Left Vulnerable to SQL Injection Due to Unorthodox MSSQL Design Choice
SQL Injection in The HTTP Custom Header
Patch Diffing Progress MOVEIt Transfer
Bypassing An Industry-Leading WAF and Exploiting SQLi
Kramer VIA GO² – Multiple issues
I helped a top Indian health benefits management platform from major PII leak by hacking their SQL Servers, AWS instance, DCs etc.
Exploiting SQL Error SQLSTATE[42000] To Own MariaDB of A Large Online Media Leader
Pimcore: One click, two security vulnerabilities
Automating SQL Injection On Encrypted Request
How I Chained an Information Disclosure Bug with SQL Injection
IP spoofing and SQL injection in Textcube