Practical Bug Bounty
Bug Bounty Resources
Discover Blog Posts, Articles, Repositories, Videos, HackerOne Reports.
Leaking File Contents with a Blind File Oracle in Flarum
Introduction Flarum is a free, open source PHP-based forum software used for everything from gamin…
Advisory: Flarum LFI - CVE-2023-40033
Summary An attacker with a basic user forum account can specify a malicious avatar URL that disclo…
Finding and Exploiting Citrix NetScaler Buffer Overflow (CVE-2023-3519) (Part 3)
Introduction A lot has been written about the recent Citrix NetScaler buffer overflow. In the init…
Analysis of CVE-2023-3519 in Citrix ADC and NetScaler Gateway (Part 2)
In our last post we uncovered a vulnerability inside Citrix ADC and NetScaler Gateway that was in t…
Chaining our way to Pre-Auth RCE in Metabase (CVE-2023-38646)
Metabase is an open source business intelligence tool that lets you create charts and dashboards us…
Advisory: Metabase Pre-Auth RCE (CVE-2023-38646)
Summary An unauthenticated attacker can obtain the setup token for an instance and use it to achie…
Analysis of CVE-2023-3519 in Citrix ADC and NetScaler Gateway
Update: we have discovered the endpoint being used by threat actors for CVE-2023-3519 and you can r…
Encrypted Doesn't Mean Authenticated: ShareFile RCE (CVE-2023-24489)
Introduction As part of the security research here at Assetnote, one thing we have noticed is that…
Advisory: ShareFile Pre-Auth RCE (CVE-2023-24489)
Summary An unauthenticated attacker can upload arbitrary files leading to remote code execution. A…
Reversing Citrix Gateway for XSS
One of the targets we looked at late last year was Citrix Gateway. Citrix Gateway is another of the…