6/10
bug-bounty
A bug bounty writeup describing how LaTeX injection in a journal CMS's PDF conversion feature can be exploited with crafted LaTeX payloads to read arbitrary files and achieve remote command execution, then escalated through SSRF to database/Elasticsearch access.
latex-injection
rce
command-execution
bug-bounty
xss
ssrf
pdf-conversion
cms-vulnerability
file-read
out-of-band
privilege-escalation
Yasho
InfoSec Write-ups