[Transportation Management Services Solution 2.0] Improper authorization at tmss.gsa.gov leads to data exposure of all registered users
2021-12-09 04:55:01
php info file and sql backup at vendor's subdomain
2021-12-09 04:55:01
Account Takeover through registration to the same email address
2021-12-08 19:47:20
[allods.mail.ru] - WebCache Poisoning Host Header lead to Potential Stored XSS
2021-12-08 14:04:06
CORS origin validation failure
2021-12-08 08:27:14
Authentication Bypass - Email Verification code bypass in account registration process.
2021-12-08 05:09:06
Bypass a fix for report #708013
2021-12-07 23:08:53
Guard WKS lookup: Evil WKS server forces connections to last forever
2021-12-07 21:39:46
Blind XSS
2021-12-07 17:46:47
Full read SSRF in www.evernote.com that can leak aws metadata and local file inclusion
2021-12-07 09:02:08
IDOR to view order information of users and personal information
2021-12-07 05:29:05
xss is triggered on your web
2021-12-06 15:08:27
[h1-2102] Wholesale - CSRF to Generate Invitation Token for a Customer and Move Customer to Invited Status
2021-12-06 11:35:51
Recaptcha Secret key Leaked
2021-12-05 06:00:14
Authenticated kubernetes principal with restricted permissions can retrieve ingress-nginx serviceaccount token and secrets across all namespaces
2021-12-04 21:32:52
Staff can use BULK_OPERATIONS_FINISH webhook topic using Graphql without permissions all
2021-12-04 12:25:17
reflected xss on the path m.tiktok.com
2021-12-04 12:25:17
IDOR the ability to view support tickets of any user on seller platform
2021-12-04 12:25:17
File System Monitoring Queue Overflow
2021-12-04 01:15:14
access to stack memory beyond array boundaries
2021-12-04 01:15:10
[h1-2102] [Yaworski's Broskis] Suspected overcharge and chargebacks in PoS
2021-12-04 01:15:06
Unathorised access to admin endpoint on plus-website-staging5.shopifycloud.com
2021-12-03 23:42:21
Ability to add address without being an admin or staff in the store via wholesale store
2021-12-03 23:42:18
Stored XSS in files.slack.com
2021-12-03 08:05:03
Bypassing HTML filter in "Packing Slip Template" Lead to SSRF to Internal Kubernetes Endpoints
2021-12-03 06:17:12
CSS injection via link tag whitelisted-domain bypass - https://www.glassdoor.com
2021-12-03 03:02:41
account takeover through password reset in url https://reklama.tochka.com/
2021-12-02 22:11:44
Privilege Escalation leads to trash other users comment without having admin rights.
2021-12-01 21:21:27
Stored XSS on https://community.my.games/ (Add Post)
2021-12-01 20:31:49
Reflected XSS in photogallery component on [https://market.av.ru]
2021-12-01 20:31:49