vuln/tricks reports from:
wooyun
hackerone
bugreader
- 🔥 01 Reflected XSS on www.hackerone.com and resources.hackerone.com
- 🔥 02 XSS in select attribute options
- 🔥 03 Prevent XSS when passing a parameter directly into link_to
- 🔥 04 Reflected XSS on https://apps.topcoder.com/wiki/page/
- 🔥 05 Reflected XSS on https://apps.topcoder.com/wiki/
- 🔥 06 Reflected XSS on https://apps.topcoder.com/wiki/pages/createpage.action
- 🔥 01 Stored XSS on upload files leads to steal cookie
- 🔥 02 Potential stored Cross-Site Scripting vulnerability in Support Backend
- 🔥 01 Missing ownership check on remote wipe endpoint
- 🔥 02 Insecure redirect rule results in bypassing ban redirect on certain pages
- 🔥 03 [██████████] Unauthorized access to admin panel
- 🔥 04 IDOR on update user preferences
- 🔥 05 Idor on the DELETE /comments/
- 🔥 06 IDOR on deleting drafts on https://apps.topcoder.com/wiki/users/viewmydrafts.action via discardDraftId parameter
- 🔥 01 SQL Injection on cookie parameter
- 🔥 02 SQL Injection - https://███/█████████/MSI.portal
- 🔥 03 Followup - SQL Injection - https://██████████/██████/MSI.portal
- 🔥 04 SQL Injection in Login Page: https://█████/█████████/login.php
- 🔥 01 wooyun-2016-0227704 当当网某站点SSRF可以遍历本地文件 √
- 🔥 02 wooyun-2014-083592 利用两个鸡肋SSRF探测360内网 √
- 🔥 03 CVE-2019-5464 Server Side Request Forgery mitigation bypass
- 🔥 04 labs.data.gov/dashboard/validate中的SSRF / XSPA
- 🔥 01 Arbitrary file read via the UploadsRewriter when moving and issue
- 🔥 02 [Total.js] Path traversal vulnerability allows to read files outside public directory
- 🔥 03 [https://███] Local File Inclusion via graph.php
- 🔥 01 Denial of service to WP-JSON API by cache poisoning the CORS allow origin header
- 🔥 02 Malformed string sent through FireServer leads to server freezing/hanging
- 🔥 03 File Upload Restriction Bypass
- 🔥 01 Open Redirection leads to redirect Users to malicious website
- 🔥 02 open redirect in eb9f.pivcac.prod.login.gov
- 🔥 01 Internal IP Address Disclosed
- 🔥 02 Firewall rules for ████████ can be bypassed to leak site authors
- 🔥 01 Unrestricted access to any "connected pack" on docs
- 🔥 02 Sourcemaps and Unminified Source Code Exposed on Pages
- 🔥 01 disclosure of email by sending a message.
- 🔥 02 Session works after logout from Shopify account and password of online store is displayed
- 🔥 03 Subdomain Takeover to Authentication bypass
持续更新...