https://www.owasp.org/index.php/Testing_for_Code_Injection_(OTG-INPVAL-012)
https://www.owasp.org/index.php/Testing_for_Command_Injection_(OTG-INPVAL-013)
- [2019] - Keybase client: downloaded executables lack "com.apple.quarantine" meta-attribute [macOS]
- [2019] - Slack - User-assisted RCE in Slack for macOS (from official site) due to improper quarantine meta-attribute handling for downloaded files
- [2019] - Valve - Unchecked weapon id in WeaponList message parser on client leads to RCE
- [2019] - Remote Code Execution on www.semrush.com/my_reports on Logo upload
- [2019] - Local files could be overwritten in GitLab, leading to remote command execution
- [2019] - Potential pre-auth RCE on Twitter VPN
- [2019] - U.S. Dept Of Defense - RCE on █████ via CVE-2017-10271
- [2019] - RCE and Complete Server Takeover of http://www.█████.starbucks.com.sg/
- [2019] - Handlebars template injection and RCE in a Shopify app
- [2019] - Remote Code Execution At Api.PrivateProgram.Com (CVE-2017-5638)
- [2018] - Remote Code Execution on a Facebook server
- [2018] - RCE due to ShowExceptions
- [2018] - RCE using bash command injection on /system/images (toimitilat.lahitapiola.fi)
- [2018] - RCE in chrome://brave available for navigation in Release build
- [2018] - Remote Code Execution on Proxy Service (as root)
- [2018] - How an Instagram’s Story drives me to a Remote Code Execution
- [2018] - $36k Google App Engine RCE
- [2018] - Latex to RCE, Private Bug Bounty Program
- [2018] - Remote Command execution due to image tragick
- [2018] - Vanilla Forums ImportController index file_exists Unserialize Remote Code Execution Vulnerability
- [2018] - Vanilla Forums Gdn_Format unserialize() Remote Code Execution Vulnerability
- [2018] - Vanilla Forums domGetImages getimagesize Unserialize Remote Code Execution Vulnerability (critical)
- [2017] - Facebook's Imagetragick Story
- [2017] - Exploiting Node.js deserialization bug for Remote Code Execution
- [2017] - Taking note: XSS to RCE in the Simplenote Electron client
- [2017] - How I got 5500$ from Yahoo for RCE
- [2017] - How I Chained 4 vulnerabilities on GitHub Enterprise, From SSRF Execution Chain to RCE!
- [2017] - Yahoo! RCE via Spring Engine SSTI
- [2017] - Command Injection in Yahoo Acquisition
- [2017] - RCE in Imgur by Command Line
- [2017] - RCE in Jenkin Instance
- [2016] - How I Hacked Facebook, and Found Someone's Backdoor Script
- [2016] - How we broke PHP, hacked Pornhub and earned $20,000
- [2016] - Remote Code Execution by impage upload!
- [2016] - How I hacked Pornhub for fun and profit - 10,000$
- [2016] - JetBrains IDE Remote Code Execution and Local File Disclosure
- [2016] - Google Cloud Remote Command Injection (RCE)
- [2016] - PayPal Node.js code injection (RCE)
- [2016] - Gitlab - Read files on application server, leads to RCE
- [2016] - uber.com may RCE by Flask Jinja2 Template Injection
- [2015] - JDWP Remote Code Execution in PayPal
- [2015] - Telekom.de Remote Command Execution!
- [2015] - Magento Remote Code Execution Vulnerability!
- [2014] - RCE deal to tricky file upload
- [2013] - XXE in OpenID Led to RCE
- [2013] - Yahoo Bug Bounty - *.login.yahoo.com Remote Code Execution
- [2013] - eBay PHP Parameter Injection lead to RCE