Back to directory
WRITEUP #1203

How a simple Directory Listing leads to PII Data Leakage, Remote Code Execution and many more vulnerabilities on a HR management subdomain

RCEUnrestricted file uploadStored XSSInformation disclosureDirectory listing
by@AayushVishnoi10(Aayush Vishnoi)
Program
-
Published
May 7, 2023
Added to HackDex
May 8, 2023
Read Full Writeuphttps://medium.com/@ar_hawk/how-a-simple-directory-listing-leads-to-pii-data-leakage-remote-code-execution-and-many-more-104b09e644f4
RELATED WRITEUPS
Hitting the jackpot with RCE!
RCEUnrestricted file upload
Traccar 5 Remote Code Execution Vulnerabilities
RCEUnrestricted file upload
Vulnerabilities in Homepage Dashboard
RCESSRF
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources
CloudRCE
SSD Advisory – SonicWall SMA100 Stored XSS To RCE
RCEOS command injection

Built with ❤️ by Shubham Rawat