Back to directory

WRITEUP #3319

How I Escalated a Time-Based SQL Injection to RCE

SQL InjectionRCE

by@jmrcsnchz(JM Sanchez / 0xEchidonut)

Program

Sony

Published

Oct 17, 2021

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://infosecwriteups.com/how-i-escalated-a-time-based-sql-injection-to-rce-bbf0d68cb398

▸ RELATED WRITEUPS

Exploiting authorization by nonce in WordPress plugins

RCEArbitrary file upload

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS

RCEArbitrary file write

Built with ❤️ by Shubham Rawat