{"uuid": "b3e8e7e4-043f-446f-b9ed-664268d5ef48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21225", "type": "seen", "source": "https://t.me/bughuntertips/449", "content": "1. Change Any User Data on NFT Marketplace (Crosea IO)\n2. Hubspot Full Account Takeover in Bug Bounty\n3. Web Cache Deception Attack on 404 page exposing PII data to unauth users\n4. From Zero to Hero Intel DCM SQL Injection to RCE (CVE-2022-21225)\n5. From Recon via Censys and DNSDumpster to getting P1\n6. CRLF (GBK encoding) to XSS - Microsoft Bug Bounty 6000$\n7. Abusing Hop-by-hop header CRLF injection\n8. Exploiting non-cloud SSRF for fun & profit\n9. 2 RCE in EPAM Bug Bounty Program\n10. Three SQL injections in just 10 minutes\n11. How to escalate to RCE in a chatbot\n12. Three funny stories from bug bounty\n13. 10 ways to report nonsense and get paid for it\n14. 10 types of vulnerabilities that everyone forgets about\n15. How to test a web cache for vulnerabilities\n\n#bugbountytips", "creation_timestamp": "2024-05-15T16:04:40.000000Z"}