bug-bounty504
google358
xss310
microsoft301
facebook265
rce221
exploit213
malware168
apple164
cve142
account-takeover116
bragging-post102
privilege-escalation98
csrf92
phishing86
browser80
writeup78
supply-chain69
authentication-bypass69
dos68
stored-xss65
ssrf57
reflected-xss57
reverse-engineering55
react54
access-control52
aws49
input-validation49
cross-site-scripting48
docker47
cloudflare47
lfi47
web-security46
node46
ctf45
sql-injection45
smart-contract45
ethereum44
web-application44
web343
defi43
oauth43
race-condition40
open-source39
auth-bypass39
pentest39
cloud38
idor37
burp-suite36
info-disclosure36
0
4/10
bug-bounty
A researcher discovered an RCE vulnerability in a Nokia subdomain (emop.ext.net.nokia.com) running a vulnerable version of Drupal susceptible to Drupalgeddon by using Yandex subdomain enumeration, Nikto scanning, and version fingerprinting with WhatWeb. The finding demonstrates a practical methodology for discovering and exploiting known CMS vulnerabilities through basic reconnaissance.
rce
drupal
drupalgeddon
subdomain-enumeration
nikto
whatweb
bug-bounty
vulnerability-scanning
web-application
Nokia
nokia.com
emop.ext.net.nokia.com
Drupal
Yandex
Nikto
WhatWeb
SQLMap
suip.biz
Sampanna Chimoriya