Back to directory

WRITEUP #393

Subdomain Fuzzing worth 35k bounty!

RCEAuthentication bypassSQL injection

byAbdullah Nawaf / HX007

Bounty

35,000

Program

-

Published

Mar 18, 2024

Added to HackDex

May 8, 2024

Read Full Writeuphttps://medium.com/@HX007/subdomain-fuzzing-worth-35k-bounty-daebcb56d9bc

▸ RELATED WRITEUPS

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!

RCEConfusion attack

Exploiting authorization by nonce in WordPress plugins

RCEArbitrary file upload

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Built with ❤️ by Shubham Rawat