[公告]不安全上线【我的收藏】功能
2019-09-26 17:32:30  •  阅读 ♾  
[公告]不安全更换新域名为: buaq.net 短域名:https://f5.pm
2019-09-26 17:32:30  •  阅读 ♾  
Regex Injection from request header (Rack::Sendfile, send_file)
2021-06-16 13:25:06  •  阅读 27 •  点我收藏   
Cross-origin resource sharing misconfig | steal user information
2021-06-16 04:41:20  •  阅读 32 •  点我收藏   
Unexpected input validation of octal literals in nodejs v15.12.0 and below returns defined values for all undefined octal literals.
2021-06-15 00:18:32  •  阅读 31 •  点我收藏   
XMLRPC, Enabling XPSA and Bruteforce and DOS + A file disclosing installer-logs.
2021-06-14 19:02:08  •  阅读 32 •  点我收藏   
Wrong implementation of Telegram link on the main page for PC users
2021-06-13 05:37:49  •  阅读 35 •  点我收藏   
Flaws In Social media Icon on error page which can lead to financial loss to a company.
2021-06-13 03:55:13  •  阅读 31 •  点我收藏   
Hackerone is not properly deleting user id
2021-06-12 05:25:19  •  阅读 38 •  点我收藏   
SQL injection in https://www.acronis.cz/ via the log parameter
2021-06-12 00:15:04  •  阅读 38 •  点我收藏   
CORS Misconfiguration Leads to Sensitive Exposure on Sifchain main domain
2021-06-11 01:41:47  •  阅读 38 •  点我收藏   
CORS (Cross-Origin Resource Sharing) origin validation failure -Any website can issue requests made with user credentials and read the responses to th
2021-06-11 01:41:47  •  阅读 38 •  点我收藏   
Private eth key found
2021-06-11 01:41:47  •  阅读 36 •  点我收藏   
HTTPS not enforced at dex.sifchain.finance
2021-06-11 01:41:47  •  阅读 34 •  点我收藏   
File drop public link can also be converted to federated share
2021-06-11 01:41:47  •  阅读 35 •  点我收藏   
Attacker can obtain write access to any federated share/public link
2021-06-11 01:41:47  •  阅读 34 •  点我收藏   
Default settings leak federated cloud id to lookup server of all users
2021-06-11 01:41:47  •  阅读 36 •  点我收藏   
Stored XSS in Acronis Cyber Protect Console
2021-06-10 23:56:30  •  阅读 32 •  点我收藏   
End to end encryption folder locking is not properly protected
2021-06-10 23:56:30  •  阅读 34 •  点我收藏   
Trusted servers exchange can be triggered by attacker
2021-06-10 23:56:30  •  阅读 35 •  点我收藏   
CORS Misconfiguration, could lead to disclosure of sensitive information
2021-06-10 06:36:31  •  阅读 34 •  点我收藏   
Header modification results in disclosure of Slack infra metadata to unauthorized parties
2021-06-09 13:02:51  •  阅读 32 •  点我收藏   
Private program disclosure of `██████████` through notifications
2021-06-09 13:02:51  •  阅读 32 •  点我收藏   
Cross-Site Scripting through search form on mtnplay.co.zm
2021-06-08 17:46:57  •  阅读 32 •  点我收藏   
bypass parental pin succesfully
2021-06-07 19:08:05  •  阅读 46 •  点我收藏   
https://secure.showmax.com/profile/payments
2021-06-07 19:08:05  •  阅读 39 •  点我收藏   
Acessed internal api documentation and information
2021-06-06 20:23:30  •  阅读 38 •  点我收藏   
XSS (reflected, and then, cookie persisted) on api documentation site theme selector (old version of dokuwiki)
2021-06-06 20:23:30  •  阅读 42 •  点我收藏   
prometheus server monitoring System publicly accessible
2021-06-06 20:23:30  •  阅读 41 •  点我收藏   
Add new development stores without permission
2021-06-05 06:15:45  •  阅读 39 •  点我收藏   
Uncontrolled Search Path Element allows DLL hijacking for priv esc to SYSTEM
2021-06-05 01:06:15  •  阅读 35 •  点我收藏   
account impersonate through broken link
2021-06-04 23:21:09  •  阅读 34 •  点我收藏