Back to directory
WRITEUP #42

The Hunt for XXE to LFI: How I Uncovered CVE-2019–9670 in a Bug Bounty Program

XXELFIComponents with known vulnerabilities
by@karthithehacker(Karthikeyan.V)
Program
-
Published
Aug 31, 2024
Added to HackDex
Sep 4, 2024
Read Full Writeuphttps://infosecwriteups.com/the-hunt-for-xxe-to-lfi-how-i-uncovered-cve-2019-9670-in-a-bug-bounty-program-5668e4afa806
RELATED WRITEUPS
IIS welcome page to source code review to LFI!
SSRFLFI
$15k RCE Through Monitoring Debug Mode
RCELFI
How I got $24000 Bounty from a Log4j RCE in Apple App Store.
RCEComponents with known vulnerabilities
Studying 0days: How we hacked Anki, the world's most popular flashcard app
RCEComponents with known vulnerabilities
We hacked Anki - 0 day exploit from studying someone elses flashcards
RCEComponents with known vulnerabilities

Built with ❤️ by Shubham Rawat