Bypassing SSRF Protection to Exfiltrate AWS Metadata from LarkSuite
120 Days of Frequent Hacking
The Tale of a Click leading to RCE
Stealing administrative JWT's through post auth SSRF (CVE-2021-22056)
120 Days of High Frequency Hunting
Exploiting Redash instances with CVE-2021-41192
Fixing the Unfixable: Story of a Google Cloud SSRF
Turning bad SSRF to good SSRF: Websphere Portal
MS Teams: 1 feature, 4 vulnerabilities
Bring Your Own SSRF – The Gateway Actuator
A story about a not-so-direct SSRF
SSRF vulnerability in AppSheet - Google VRP
My mindset while hunting on Yandex and my SSRF
VMware vCenter earlier versions (7.0.2.00100) has unauthorized arbitrary file read + ssrf + xss vulnerability
Multiple Vulnerabilities In Concrete CMS – Part2 (PrivEsc/SSRF/etc)
URL whitelist bypass in https://cxl-services.appspot.com
Simple SSRF Allows Access To Internal Assets
Unrestricted File Upload Leads to SSRF and RCE
Chaining Path Traversal with SSRF to disclose internal git repo data in a Bank Asset
Easy SSRF from Wayback Machine
Moodle - Stored XSS and blind SSRF possible via feedback answer text
Hacking Netflix Eureka!
Pre-Auth SSRF To Full MailBox Access (Microsoft Exchange Server Exploit)
Chaining bugs for better bounties
SSRF in PDF export with PhantomJs