bug-bounty488
xss283
google177
microsoft156
rce146
facebook140
bragging-post117
account-takeover102
exploit101
apple95
csrf85
authentication-bypass77
stored-xss75
privilege-escalation69
open-source66
reflected-xss63
malware62
cve61
writeup60
web-security60
access-control59
ai-agents53
ssrf52
input-validation51
defi48
cross-site-scripting48
smart-contract47
sql-injection44
ethereum44
browser42
phishing40
web-application38
information-disclosure38
api-security38
oauth37
burp-suite36
dos36
web335
aws35
lfi34
tool33
smart-contract-vulnerability33
react33
docker33
html-injection32
supply-chain31
waf-bypass31
vulnerability-disclosure31
responsible-disclosure31
idor30
0
6/10
vulnerability
A researcher discovered a Local File Inclusion (LFI) vulnerability in Apache Drill by manipulating the dfs storage plugin configuration to read arbitrary files from the server, such as /etc/passwd, via crafted SQL queries.
lfi
local-file-inclusion
apache-drill
directory-traversal
information-disclosure
recon
storage-plugin
query-exploitation
bug-bounty
Apache Drill
HackerOne
Jobert Abma
Gujjuboy10x00
Freedium