privilege-escalation 22
- JWT Algorithm Confusion Leads to Privilege Escalation | Halftone Studio
- NoSQL Injection Leads to Treasury Account Takeover | Coined
- Multi-Step Access Control Bypass Leads to Administrative Compromise | Tamper Temple
- GraphQL Role Parameter Abuse Leads to Restricted Medical Note Disclosure | Clearance
- Privilege Escalation – Unsigned Session Token Tampering | Spindrift Workspace
- Privilege Escalation – Client-Side Role Cookie Tampering | Session Swap
- Privilege Escalation – JWT None Algorithm Abuse | Stargate Atlas
- Mass Assignment – Role Escalation | Salt Brook Pilates
- Workflow Access Control Bypass – Admin Privilege Escalation | Lazy Human Resources
- Mass Assignment Leading to Admin Account Creation | Trellis
- JWT Secret Cracking & Privilege Escalation via Forged Tokens | Tally
- JWT alg:none Authentication Bypass to Admin Access | EverGreen
- Broken Access Control – Role Manipulation via User Registration | Tanuki
- SMB Exploit (MS17-010 EternalBlue) – Remote Code Execution & Privilege Escalation | Blue
- SQL Injection – Authentication Bypass & Privilege Escalation | Simple CTF
- Broken Access Control – Credential Leakage to Privilege Escalation | Silver Platter
- Remote Code Execution – Nostromo Exploit to Root via Dirty Pipe | Glitch
- Remote Code Execution – Supervisor Exploit to Root via SUID Python | Super Process
- Remote Code Execution – GLPI Exploit to Root & ZIP Password Cracking | Find and Crack
- Broken Access Control – Privilege Escalation via Client-Controlled Cookie | Privilege Escalation via Client-Controlled Cookie
- Broken Access Control – Unprotected Admin Panel via Unpredictable URL Leading to Privilege Escalation | Unprotected Admin Panel
- Broken Access Control – Unprotected Admin Functionality Leading to Privilege Escalation | Unprotected Admin Functionality