gadget-chain

2 articles
Sort: New Top Best
clear filter
bug-bounty621 facebook431 xss316 google103 rce101 csrf60 microsoft59 web354 account-takeover53 writeup50 apple42 sqli41 cve35 ssrf34 exploit33 dos31 privilege-escalation28 defi28 cloudflare27 smart-contract-vulnerability25 idor24 subdomain-takeover24 ethereum23 clickjacking23 smart-contract23 vulnerability-disclosure21 access-control21 auth-bypass19 malware19 remote-code-execution18 lfi17 cors16 race-condition15 cloud15 reverse-engineering14 authentication-bypass14 solidity14 oauth12 browser12 info-disclosure12 aws12 sql-injection11 delegatecall11 denial-of-service11 phishing11 web-application-security10 vulnerability9 buffer-overflow9 web-security9 token-theft9
0
Paypal RCE
bug-bounty

A critical remote code execution vulnerability was discovered in PayPal's manager.paypal.com through unsafe Java object deserialization in the 'oldFormData' parameter, exploitable via the Commons Collections gadget chain and ysoserial tool to execute arbitrary OS commands and access production databases. The vulnerability was reported in December 2015 and patched by PayPal's security team.

remote-code-execution java-deserialization unsafe-deserialization object-deserialization commons-collections ysoserial paypal bug-bounty web-application post-parameter-injection gadget-chain arbitrary-command-execution
PayPal manager.paypal.com Michael Stepankin artsploit Chris Frohoff Gabriel Lawrence Mark Litchfield FoxGlove Security ysoserial Commons Collections
artsploit.blogspot.com · devanshbatham/Awesome-Bugbounty-Writeups · 4 hours ago · details
0 8/10
Findings Gadgets Like it’s 2026
research

Researchers automated Java deserialization gadget chain discovery using LLM-driven analysis combined with static call graph analysis, discovering novel chains against WildFly and other application servers. The methodology uses WALA-based call graph construction, dynamic bytecode analysis for type confusion, and Claude Code to iteratively explore and validate gadget chains through a REST API query interface.

java-deserialization gadget-chain vulnerability-discovery llm-automation static-analysis code-execution ysoserial wildfly weblogic jboss websphere jenkins opennms call-graph-analysis bytecode-analysis serializable type-confusion research
ysoserial GadgetInspector Claude Code IBM Watson Libraries for Analysis (WALA) CFR Java ASM FastAPI SQLite WildFly WebLogic WebSphere JBoss Jenkins OpenNMS Foxglove Security
atredis.com · Stephen Breen · 4 hours ago · details