Back to directory
WRITEUP #4291

GitHub Pages - Multiple RCEs via insecure Kramdown configuration - $25,000 Bounty

RCEPath traversal
by@wcbowling(William Bowling / vakzz)
Bounty
25,000
Program
GitHub
Published
Oct 20, 2020
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://devcraft.io/2020/10/20/github-pages-multiple-rces-via-kramdown-config.html
RELATED WRITEUPS
Traccar 5 Remote Code Execution Vulnerabilities
RCEUnrestricted file upload
Path Traversal and Code Execution in CSLA.NET (CVE-2024-28698)
RCEPath traversal
Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) (CVSS 9.9, CVSS 9.8) Walkthrough
AI / LLMAI
WhatsUp Gold Pre-Auth RCE WriteDataFile Primitive (CVE-2024-4883)
RCEPath traversal
WhatsUp Gold Pre-Auth RCE GetFileWithoutZip Primitive (CVE-2024-4885)
RCEPath traversal

Built with ❤️ by Shubham Rawat