Back to directory
WRITEUP #3760

Unauthorized access to Django Admin Dashboard by endpoint leaked on GitHub

RCEMissing authenticationForced browsing
by@killmongar1996(Santosh Kumar Sha)
Program
-
Published
May 10, 2021
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://notifybugme.medium.com/unauthorized-access-to-django-admin-dashboard-by-endpoint-leaked-on-github-5336969ddbbc
RELATED WRITEUPS
CVE-2024-45195: Apache OFBiz Unauthenticated Remote Code Execution (Fixed)
RCEForced browsing
From MLOps to MLOops: Exposing the Attack Surface of Machine Learning Platforms
AI / LLMAI
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package
RCEDependency confusion
Attacking PowerShell CLIXML Deserialization
DeserializationInsecure deserialization

Built with ❤️ by Shubham Rawat