Back to directory
WRITEUP #4165

Github Secrets exposed due to RCE in Formatter Action from pull_request_target event

RCE
byAnthony Weems
Bounty
500
Program
Google
Published
Dec 17, 2020
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://lf.lc/vrp/175896812/
RELATED WRITEUPS
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package
RCEDependency confusion
Attacking PowerShell CLIXML Deserialization
DeserializationInsecure deserialization
Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS
RCEArbitrary file write
We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI
RCETLD hacking

Built with ❤️ by Shubham Rawat