Back to directory
WRITEUP #1368

Exploiting prototype pollution in Node without the filesystem

RCEServer-side prototype pollution
by@garethheyes(Gareth Heyes)
Program
-
Published
Mar 23, 2023
Added to HackDex
Mar 28, 2023
Read Full Writeuphttps://portswigger.net/research/exploiting-prototype-pollution-in-node-without-the-filesystem
RELATED WRITEUPS
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package
RCEDependency confusion
Attacking PowerShell CLIXML Deserialization
DeserializationInsecure deserialization
Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS
RCEArbitrary file write
We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI
RCETLD hacking

Built with ❤️ by Shubham Rawat