References
- Portswigger OS Command Injection
- Remote code execution on Basecamp.com
- Blind SSRF in /appsuite/api/oxodocumentfilter&action=addfile
- GitLab-Runner on Windows `DOCKER_AUTH_CONFIG` container host Command Injection
- Remote Code Execution (Reverse Shell) - File Manager
- Information disclosure of secret_key_base via encoding charcters
- LFI with potential to RCE on ██████ using CVE-2019-3396
- User-assisted RCE in Slack for macOS (from official site)
- Webshell via File Upload on ecjobs.starbucks.com.cn
- Keybase client: downloaded executables lack "com.apple.quarantine" meta-attribute [macOS]
- Slack - User-assisted RCE in Slack for macOS (from official site) due to improper quarantine meta-attribute handling for downloaded files
- Valve - Unchecked weapon id in WeaponList message parser on client leads to RCE
- Remote Code Execution on www.semrush.com/my_reports on Logo upload
- Local files could be overwritten in GitLab, leading to remote command execution
- Potential pre-auth RCE on Twitter VPN
- U.S. Dept Of Defense - RCE on █████ via CVE-2017-10271
- RCE and Complete Server Takeover of http://www.█████.starbucks.com.sg/
- Handlebars template injection and RCE in a Shopify app
- [CVE-2018-18312] regcomp: heap-buffer-overflow write / reg_node overrun
- RCE using bash command injection on /system/images (toimitilat.lahitapiola.fi)
- RCE in
- `chrome://brave` available for navigation in Release build
- Remote Code Execution on Proxy Service (as root)
- Remote Command execution due to image tragick
- Vanilla Forums ImportController index file_exists Unserialize Remote Code Execution Vulnerability
- Vanilla Forums Gdn_Format unserialize() Remote Code Execution Vulnerability
- Vanilla Forums domGetImages getimagesize Unserialize Remote Code Execution Vulnerability (critical)
- RCE in Imgur by Command Line
- Remote Code Execution by impage upload!
- Gitlab - Read files on application server, leads to RCE
- uber.com may RCE by Flask Jinja2 Template Injection
- Beyond the wall: command injection still alive.
- Blind OS Command Injection
- Command Injection Through BLH
- Command Injection PoC
- Digging in to SCP Command Injection
- Unauthenticated RSFTP to Command Injection
- Command Injection Without Spaces
- Command injection which got me “6000$” from #Google
- FULL INFRASTRUCTURE TAKEOVER OF VMWARE CLOUD DIRECTOR (CVE-2020-3956)
- Remote Code Execution in Three Acts: Chaining Exposed Actuators and H2 Database Aliases in Spring Boot 2
- How I Hacked Facebook Again! Unauthenticated RCE on MobileIron MDM
- Remote Code Execution At Api.PrivateProgram.Com (CVE-2017-5638)
- Remote Code Execution on a Facebook server
- RCE due to ShowExceptions
- How an Instagram’s Story drives me to a Remote Code Execution
- $36k Google App Engine RCE
- Latex to RCE, Private Bug Bounty Program
- Facebook's Imagetragick Story
- Exploiting Node.js deserialization bug for Remote Code Execution
- Taking note: XSS to RCE in the Simplenote Electron client
- How I got 5500$ from Yahoo for RCE
- How I Chained 4 vulnerabilities on GitHub Enterprise, From SSRF Execution Chain to RCE!
- Yahoo! RCE via Spring Engine SSTI
- Command Injection in Yahoo Acquisition
- RCE in Jenkin Instance
- How I Hacked Facebook, and Found Someone's Backdoor Script
- How we broke PHP, hacked Pornhub and earned $20,000
- How I hacked Pornhub for fun and profit - 10,000$
- JetBrains IDE Remote Code Execution and Local File Disclosure
- PayPal Node.js code injection (RCE)
- JDWP Remote Code Execution in PayPal
- Telekom.de Remote Command Execution!
- Magento Remote Code Execution Vulnerability!
- RCE deal to tricky file upload
- XXE in OpenID Led to RCE
- Yahoo Bug Bounty - *.login.yahoo.com Remote Code Execution
- eBay PHP Parameter Injection lead to RCE