swap.gs

visual studio code rce with an argument injection in the git url handler (on microsoft.com)
cve-2022-30129
path traversal vulnerabilities in icinga web (on sonarsource.com)
cve-2022-24715 cve-2022-24716
an argument injection to compromise packagist.org for the second time (on packagist.org)
cve-2022-24828
two bugs to rule them all: taking over the php supply chain @ insomnihack 2022 (on youtube.com)
vscode, jetbrains and git prompts rce using git repositories (on sonarsource.com)
cve-2021-43891 cve-2022-24346
takeover of pear.php.net (on sonarsource.com)
cve-2022-27157 cve-2022-27158
authentication bypass in zabbix < 5.4.9 (on sonarsource.com)
cve-2022-23131 cve-2022-23134
visual studio code workspace trust bypass (on microsoft.com)
cve-2021-43891
code security advent calendar (on sonarsource.com)
gocd code execution chain (on sonarsource.com)
cve-2021-43286 cve-2021-43289 cve-2021-43290
stored cross-site scripting to rce in smartstorenet <= 4.1.1 (on sonarsource.com)
cve-2021-32607 cve-2021-32608
post-auth code execution in cachet <= 2.4 (on sonarsource.com)
cve-2021-39172 cve-2021-39173 cve-2021-39174
pre-auth rce on western digital pr4100 and various d-link devices (on synacktiv.com)
pre-auth rce on elfinder (on sonarsource.com)
cve-2021-32682 cve-2021-23394
pwnies awards nomination (on pwnies.com)
cve-2021-29472
post-auth code execution on grav cms (on sonarsource.com)
cve-2021-29439 cve-2021-29440
argument injection in composer, leading to takover of packagist.org (on sonarsource.com)
cve-2021-29472
pwn2own 2020: buffer overflow on the tp-link ac1750 (on synacktiv.com)
cve-2021-27246
pwn2own 2020: lan-side rce on tp-link ac1750 routers (on twitter.com)
lpe on softaculous via unsafe environment (on vulnerable.af)
cve-2020-26886
suphp - the vulnerable ghost in your shell (on vulnerable.af)
local privilege escalation in fortinet ssl vpn client for linux (on synacktiv.com)
local privilege escalation on ubuntu's pppd < 2.4.7-2+4.1ubuntu5.1
cve-2020-15704
ubuntu ppp privilege escalation exploit (on synacktiv.com)
cve-2020-15704
modern php security part 2: breaching and hardening the php engine (on labs.detectify.com)
modern php security part 1: bug classes (on labs.detectify.com)
hack-a-sat 2020 write-ups (on github.com)
local privilege escalation on aegir hostmaster
sa-contrib-2020-031
xxe in sap control center and sap cockpit framework
modern php security, presented with @_lemeda at sec4dev 2020, detectify hacker school
fic2020 prequals ctf write-up (on synacktiv.com)
time-efficient assessment of open-source projects, presented with @szlam_ at pass the salt 2019
pre-auth sql injection in wp-google-maps < 7.11.18 (400k+ installs)
cve-2019-10692
pre-auth command execution in minimal setup of elfinder < 2.1.48
cve-2019-9194
pre-auth sql injection in glpi <= 9.3.3
cve-2019-10232
xxe, ssrf in jenkins job import plugin <= 2.1 (on synacktiv.com)
rutorrent code review (on synacktiv.com)
pre-auth blind sql injection in wp-statistics < 12.6.7 (500k+ installs)
cve-2019-13275
various critical vulnerabilities in pineapp mail secure 5.1
pre-auth code execution in duplicator < 1.2.42 (1m+ installs)
cve-2018-17207
duplicator < 1.2.42 msf module
cve-2018-17207
sql injection flyspray <= v1.0-rc6 (on synacktiv.com)
sql injection in image intense <= 3.2.5 (on synacktiv.com)
local privilege escalation in super duper <= 3.1.6
reflected generic xss in zend server < 9.1.3 (on synacktiv.com)
remote code execution in etherpad <= 1.6.3
cve-2018-9327
remote code execution in etherpad <= 1.6.3
cve-2018-9326
information leak in etherpad <= 1.6.3
cve-2018-9325
authentication bypass in etherpad <= 1.6.3
cve-2018-9845
write-up of an exploit for a kernel bug (not mine) in waitid (on ed-diamond.com)
cve-2017-5123
wordpress security: hunting bugs in a supermarket, presented at security day lille #2
hackingweek 2015: make exploit write-up
hackingweek 2015: mysql exploit write-up
cve-2012-5611