[公告]不安全上线【我的收藏】功能
2019-09-26 17:32:30  •  阅读 ♾  
[公告]不安全更换新域名为: buaq.net 短域名:https://f5.pm
2019-09-26 17:32:30  •  阅读 ♾  
CSRF на установку своей почты к аккаунту.
2021-05-24 00:27:28  •  阅读 54 •  点我收藏   
View Only to Root Privilege Escalation on UniFi Protect
2021-05-23 12:21:07  •  阅读 70 •  点我收藏   
SNMP Community String Disclosure to ReadOnly Users on EdgeSwitch
2021-05-23 12:21:07  •  阅读 61 •  点我收藏   
Readonly to Root Privilege Escalation on EdgeSwitch
2021-05-23 12:21:07  •  阅读 58 •  点我收藏   
Web Server Predictable Session ID on EdgeSwitch
2021-05-23 12:21:07  •  阅读 58 •  点我收藏   
SSRF на https://qiwi.com с помощью "Prerender HAR Capturer"
2021-05-22 19:07:50  •  阅读 64 •  点我收藏   
User Information Disclosure via waitlist.blockfi.com Prefinery Abuse
2021-05-22 10:27:49  •  阅读 59 •  点我收藏   
Kroki Arbitrary File Read/Write
2021-05-22 07:01:42  •  阅读 61 •  点我收藏   
[Python] CWE-400: Regular Expression Injection
2021-05-22 03:35:15  •  阅读 63 •  点我收藏   
[Java] CWE-078: Add JSch lib OS Command Injection sink
2021-05-22 03:35:15  •  阅读 58 •  点我收藏   
[Java]: CWE-601 Spring url redirection detect
2021-05-22 03:35:15  •  阅读 55 •  点我收藏   
[Java] CWE-094: Jython code injection
2021-05-22 03:35:15  •  阅读 58 •  点我收藏   
[Java] CWE-094: Rhino code injection
2021-05-22 03:35:15  •  阅读 54 •  点我收藏   
Several domains on kaspersky.com are vulnerable to Web Cache Deception attack
2021-05-21 03:16:20  •  阅读 53 •  点我收藏   
Weak password policy leading to exposure of administrator account access
2021-05-21 01:32:21  •  阅读 51 •  点我收藏   
Account takeover just through csrf in https://booking.qiwi.kz/profile
2021-05-21 01:32:21  •  阅读 70 •  点我收藏   
Improper Access Control on Lark Footer Feature
2021-05-19 09:49:45  •  阅读 48 •  点我收藏   
Pre-Auth Blind NoSQL Injection leading to Remote Code Execution
2021-05-19 08:07:41  •  阅读 62 •  点我收藏   
No Valid SPF Records/don't have DMARC record
2021-05-19 06:26:04  •  阅读 66 •  点我收藏   
Bypass t.co link shortener in Twitter direct messages
2021-05-19 03:03:11  •  阅读 64 •  点我收藏   
Previously created sessions continue being valid after MFA activation
2021-05-19 03:03:11  •  阅读 59 •  点我收藏   
Authenticated XXE
2021-05-19 01:19:53  •  阅读 69 •  点我收藏   
Japan - CSRF in webapp.starbucks.co.jp with user interaction could leak an access token if the user was not using Chrome
2021-05-18 13:17:05  •  阅读 53 •  点我收藏   
CS:GO Server -> Client RCE through OOB access in CSVCMsg_SplitScreen + Info leak in HTTP download
2021-05-18 09:49:28  •  阅读 52 •  点我收藏   
Privilege Escalation via REST API to Administrator leads to RCE
2021-05-18 03:03:08  •  阅读 56 •  点我收藏   
Cross site scripting
2021-05-18 01:21:46  •  阅读 49 •  点我收藏   
User enumeration through forget password
2021-05-16 13:18:52  •  阅读 61 •  点我收藏   
Open S3 Bucket | information leakage
2021-05-16 08:11:46  •  阅读 52 •  点我收藏   
Information Disclosure on https://rpc.sifchain.finance/
2021-05-15 15:02:53  •  阅读 56 •  点我收藏   
private passenger information is exposed to the Uber Driver app during ride dispatch ("Ping") events
2021-05-15 09:52:27  •  阅读 55 •  点我收藏