| Microsoft SharePoint Server Post-Authentication Server-Side Request Forgery vulnerability |
|
|
|
| Atlassian Jira Align, Version 10.107.4 Advisory |
|
|
|
| Microsoft Office Online Server Remote Code Execution |
|
|
|
| Story about Escalation of HTML Injection to EC2 Instance credentials leak |
|
|
|
| A Deep Dive of CVE-2022–33987 (Got allows a redirect to a UNIX socket) |
|
|
|
| Appsmith Patches Full-Read SSRF Vulnerabilities Reported by CloudSEK |
|
|
|
| From nothing to AWS credentials |
|
|
|
| Skype for Business Audit Part 2 - SKYPErimeterleak |
|
|
|
| Pre-Auth Remote Code Execution - Web Page Test |
|
|
|
| Exploiting Web3’s Hidden Attack Surface: Universal XSS on Netlify’s Next.js Library |
|
|
|
| Securing Developer Tools: OneDev Remote Code Execution |
|
|
|
| SSRF Attack Leading To AWS Metadata |
|
|
|
| The Tale Of SSRF To RCE on .GOV Domain |
|
|
|
| SSRF(g/vrp) for 5000$ |
|
|
|
| Bug Bounty { How I found an SSRF ( Reconnaissance ) } |
|
|
|
| Exploiting Out-of-Band XXE in the Wild |
|
|
|
| WordPress Core - Unauthenticated Blind SSRF |
|
|
|
| How I found my first SSRF to RCE! |
|
|
|
| SSRF leads to access AWS metadata. |
|
|
|
| SSRF & Google HOF(Hall of Fame) |
|
|
|
| Write Up 1: Hellosign Integration [Full Read SSRF] |
|
|
|
| A Case Study of API Vulnerabilities - Part 2, and Empty Heads |
|
|
|
| CVE-2022-28219: Unauthenticated XXE to RCE and Domain Compromise in ManageEngine ADAudit Plus |
|
|
|
| Abusing functionality to exploit a super SSRF in Jira Server (CVE-2022-26135) |
|
|
|
| Miracle - One Vulnerability To Rule Them All |
|
|
|
writeups.xyz
/
SSRF