[公告]不安全上线【我的收藏】功能
2019-09-26 17:32:30  •  阅读 ♾  
[公告]不安全更换新域名为: buaq.net 短域名:https://f5.pm
2019-09-26 17:32:30  •  阅读 ♾  
Java : Add query to detect Apache Struts enabled Development mode
2021-03-05 09:44:36  •  阅读 26 •  点我收藏   
Java : Add a query to detect Spring View Manipulation Vulnerability
2021-03-05 09:44:36  •  阅读 26 •  点我收藏   
ihsinme: CPP add query for CWE-788 Access of memory location after the end of a buffer using strncat.
2021-03-05 09:44:36  •  阅读 24 •  点我收藏   
[Java] CWE-489: Query to detect main() method in Java EE applications
2021-03-05 09:44:36  •  阅读 28 •  点我收藏   
Formula Injection vulnerability in CSV export feature
2021-03-04 20:19:47  •  阅读 22 •  点我收藏   
The password of a mail share is not set if the password is given when the share is created (Nextcloud < 18)
2021-03-04 20:19:47  •  阅读 21 •  点我收藏   
Lack of session expiration after password reset on TikTok Careers Portal
2021-03-04 07:11:55  •  阅读 30 •  点我收藏   
User with single department permission can view applicant list of all department's
2021-03-04 07:11:55  •  阅读 29 •  点我收藏   
Information disclosure via a misconfigured third-party product
2021-03-03 21:07:49  •  阅读 30 •  点我收藏   
SDC bypass cloud.mail.ru for every /api/v3/* endpoint.
2021-03-03 07:53:13  •  阅读 26 •  点我收藏   
Grinchs website takendown with various other exploits
2021-03-03 06:15:35  •  阅读 23 •  点我收藏   
Leaking Rockset API key on Github
2021-03-03 04:36:58  •  阅读 29 •  点我收藏   
Minor Account Privacy can Set to Everyone.
2021-03-03 01:20:44  •  阅读 32 •  点我收藏   
Memory Dump and Env Disclosure via Spring Boot Actuator
2021-03-02 23:37:12  •  阅读 26 •  点我收藏   
Coupon codes indexed by Google
2021-03-02 07:03:09  •  阅读 30 •  点我收藏   
Config override using non-validated query parameter allows at least reflected XSS by injecting configuration into state
2021-03-02 05:26:07  •  阅读 34 •  点我收藏   
[xss] setTheme в ajax_attach_action
2021-03-02 03:48:02  •  阅读 29 •  点我收藏   
[xss] перенаправление со старых url в почте
2021-03-02 03:48:02  •  阅读 26 •  点我收藏   
[xss] passrestore на m/touch/tel
2021-03-02 03:48:02  •  阅读 26 •  点我收藏   
XXE на webdav.mail.ru - PROPFIND/PROPPATCH
2021-03-02 02:08:21  •  阅读 33 •  点我收藏   
Blind SSRF на calendar.mail.ru при импорте календаря
2021-03-02 02:08:21  •  阅读 27 •  点我收藏   
Acting under any different user via DB-stored credentials
2021-03-02 00:28:38  •  阅读 28 •  点我收藏   
Reflected XSS when renaming a file with a vulnerable name which results in an error
2021-03-02 00:28:38  •  阅读 26 •  点我收藏   
External storage app saves password for all users in the database
2021-03-02 00:28:38  •  阅读 27 •  点我收藏   
CORS Misconfiguration, could lead to disclosure of users information
2021-03-02 00:28:38  •  阅读 27 •  点我收藏   
DOM-based XSS in d.miwifi.com on IE 11
2021-03-02 00:28:38  •  阅读 25 •  点我收藏   
Reflected XSS https://tracker.my.com
2021-03-01 01:19:36  •  阅读 30 •  点我收藏   
DNS Misconfiguration (Subdomain Takeover) █.staging.█.8x8.com
2021-02-28 15:21:11  •  阅读 31 •  点我收藏   
Improper generating of access link at go.larksuite.com leads to access to other organizations/users' private data
2021-02-27 16:28:27  •  阅读 37 •  点我收藏   
User has Sender permission can Get Team information
2021-02-27 05:07:02  •  阅读 36 •  点我收藏