Full read SSRF in www.evernote.com that can leak aws metadata and local file inclusion
2021-12-07 09:02:08
IDOR to view order information of users and personal information
2021-12-07 05:29:05
xss is triggered on your web
2021-12-06 15:08:27
[h1-2102] Wholesale - CSRF to Generate Invitation Token for a Customer and Move Customer to Invited Status
2021-12-06 11:35:51
Recaptcha Secret key Leaked
2021-12-05 06:00:14
Authenticated kubernetes principal with restricted permissions can retrieve ingress-nginx serviceaccount token and secrets across all namespaces
2021-12-04 21:32:52
Staff can use BULK_OPERATIONS_FINISH webhook topic using Graphql without permissions all
2021-12-04 12:25:17
reflected xss on the path m.tiktok.com
2021-12-04 12:25:17
IDOR the ability to view support tickets of any user on seller platform
2021-12-04 12:25:17
File System Monitoring Queue Overflow
2021-12-04 01:15:14
access to stack memory beyond array boundaries
2021-12-04 01:15:10
[h1-2102] [Yaworski's Broskis] Suspected overcharge and chargebacks in PoS
2021-12-04 01:15:06
Unauthorised access to admin endpoint on plus-website-staging5.shopifycloud.com
2021-12-03 23:42:21
Ability to add address without being an admin or staff in the store via wholesale store
2021-12-03 23:42:18
Stored XSS in files.slack.com
2021-12-03 08:05:03
Bypassing HTML filter in "Packing Slip Template" Lead to SSRF to Internal Kubernetes Endpoints
2021-12-03 06:17:12
CSS injection via link tag whitelisted-domain bypass - https://www.glassdoor.com
2021-12-03 03:02:41
account takeover through password reset in url https://reklama.tochka.com/
2021-12-02 22:11:44
Privilege Escalation leads to trash other users comment without having admin rights.
2021-12-01 21:21:27
Stored XSS on https://community.my.games/ (Add Post)
2021-12-01 20:31:49
Reflected XSS in photogallery component on [https://market.av.ru]
2021-12-01 20:31:49
Viewing attachments of a deleted message.....
2021-12-01 18:19:14
Disclosure of a private group's name via the old photo viewer box.
2021-12-01 18:19:14
Viewing the avatar of a frozen page/private group.
2021-12-01 18:19:14
XSS in product selection.
2021-12-01 18:19:14
Obtaining the name and avatar (50x50) of a private group.
2021-12-01 18:19:14
XSS in stories.
2021-12-01 18:19:14
[https://www.glassdoor.com] - Web Cache Deception Leads to gdtoken Disclosure
2021-12-01 01:06:50
IDOR vulnerability (Price manipulation)
2021-11-30 19:44:04
Unauthenticated Access to Admin Panel Functions at https://███████/███
2021-11-30 09:14:18