Back to directory

WRITEUP #5339

Chaining multiple low-impact bugs to arbitrary file read in GitLab

OtherPath traversal

by@nyan_gawa(Li Rongxi)

Program

GitLab

Published

Jun 4, 2019

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://blog.nyangawa.me/security/GitLab-Local-File-Read/

▸ RELATED WRITEUPS

Oracle Retail Xstore Suite: Pre-authenticated Path Traversal

OtherPath traversal

Securing Developer Tools: Unpatched Code Vulnerabilities in Gogs (2/2)

OtherPath traversal

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

Directory Traversal, SQL Injection and Server-Side Request Forgery

SQL InjectionPath traversal

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

Built with ❤️ by Shubham Rawat