Back to directory

WRITEUP #3716

GitLab Arbitrary File Read & Write through Kroki - CVE-2021-22203

OtherArbitrary file read

by@ledz1996(Anh Duc Nguyen)

Bounty

5,600

Program

-

Published

May 25, 2021

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://ledz1996.gitlab.io/blog/writeups/CVE-2021-22203-gitlab-arbitrary-file-read-write-through-kroki

▸ RELATED WRITEUPS

CVE-2024-29511 – Abusing Ghostscript’s OCR device

OtherArbitrary file read

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff

Ghost In The Ppl Part 1: Byovdll

OtherUse-After-Free

Built with ❤️ by Shubham Rawat