Search results for keyword [1500.0]: 15 records in total

| Disclosure date | Bounty | Author | Title | Vendor | Vulnerability type |
|---|---|---|---|---|---|
| 2018-10-12 | $1500.0 | dudez | Stored XSS in photo comment functionality | Pornhub | Cross-site Scripting (XSS) - Generic |
| 2018-10-10 | $1500.0 | sp1d3rs | Stored XSS on the https://www.redtube.com/users/[profile]/collections | Redtube | Cross-site Scripting (XSS) - Stored |
| 2018-10-10 | $1500.0 | sp1d3rs | Stored XSS in galleries - https://www.redtube.com/gallery/[id] path | Redtube | Cross-site Scripting (XSS) - Stored |
| 2018-09-17 | $1500.0 | akhil-reni | [www.zomato.com] Tampering with Order Quantity and paying less amount then actual amount, leads to business loss | Zomato | Business Logic Errors |
| 2018-08-27 | $1500.0 | bugdiscloseguys | Domain pointing to vimeo portfolio are prone to takeover using on-demand. | Vimeo | Business Logic Errors |
| 2018-08-01 | $1500.0 | alexbirsan | LFI and SSRF via XXE in emblem editor | Rockstar Games | XML External Entities (XXE) |
| 2018-07-19 | $1500.0 | orange | Path Traversal on Default Installed Rails Application (Asset Pipeline) | Ruby on Rails | Path Traversal |
| 2018-06-19 | $1500.0 | maxpl0it | Format String Vulnerability in the EdgeSwitch restricted CLI | Ubiquiti Networks | Use of Externally-Controlled Format String |
| 2018-06-19 | $1500.0 | maxpl0it | Code Execution in restricted CLI of EdgeSwitch | Ubiquiti Networks | Command Injection - Generic |
| 2018-06-13 | $1500.0 | morisson | burp does not validate the common name of the presented collaborator server certificate | PortSwigger Web Security | Man-in-the-Middle |
| 2018-05-01 | $1500.0 | jon_bottarini | Bypass of my three other reports #267636 + #255894 + #271861 - (IDOR) Ability to see full name associated with other New Relic accounts | New Relic | Insecure Direct Object Reference (IDOR) |
| 2018-04-08 | $1500.0 | gromoza | XSS *.myshopify.com/collections/vendors?q= | Shopify | Cross-site Scripting (XSS) - Reflected |
| 2018-03-22 | $1500.0 | kaarloh | XSS vulnerability in sanitize-method when parsing link's href | Ruby on Rails | Cross-site Scripting (XSS) - Generic |
| 2018-02-07 | $1500.0 | joernchen | Unsafe Query Generation (CVE-2012-2660, CVE-2012-2694 and CVE-2013-0155) mitigation bypass | Ruby on Rails | none |
| 2018-01-12 | $1500.0 | alexbirsan | SMB SSRF in emblem editor exposes taketwo domain credentials, may lead to RCE | Rockstar Games | Server-Side Request Forgery (SSRF) |