关键字【Improper Authentication - Generic】的搜索结果共2651记录

公开时间 奖金 作者 标题 厂商 漏洞类型
2019-01-21 $250.0 sudi [auth2.zomato.com] Reflected XSS at `oauth2/fallbacks/error` | ORY Hydra an OAuth 2.0 and OpenID Connect Provider Zomato Cross-site Scripting (XSS) - Reflected
2019-01-16 $ mikki_khan command Injection in rawlog binary Dovecot Command Injection - Generic
2019-01-11 $ mik317 Account takeover due to CSRF in "Account details" option on █████████ U.S. Dept Of Defense Cross-Site Request Forgery (CSRF)
2019-01-07 $750.0 xpaw Reflected XSS on help.steampowered.com Valve Cross-site Scripting (XSS) - Reflected
2019-01-07 $750.0 tvmpt XSS @ store.steampowered.com via agecheck path name Valve Cross-site Scripting (XSS) - Reflected
2019-01-07 $500.0 romesful CSRF | Ban or unban users in broadcast's chat Valve Cross-Site Request Forgery (CSRF)
2019-01-07 $750.0 mvc Stored XSS in the guide's GameplayVersion (www.dota2.com) Valve Cross-site Scripting (XSS) - Stored
2019-01-07 $7500.0 zemnmez XSS in steam react chat client Valve Cross-site Scripting (XSS) - Stored
2019-01-06 $ cris_semmle Command Injection Vulnerability in kill-port Package Node.js third-party modules Command Injection - Generic
2019-01-06 $ skyn3t [buttle] Unsafe rendering of Markdown files Node.js third-party modules Cross-site Scripting (XSS) - Generic
2019-01-01 $ z0mb13 Local File Download RATELIMITED Improper Access Control - Generic
2018-12-27 $2100.0 cablej Race condition in performing retest allows duplicated payments HackerOne Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
2018-12-24 $2000.0 palant Kaspersky Password Manager: HTML injection in the browser action pop-up via user name Kaspersky Lab Cross-site Scripting (XSS) - Stored
2018-12-21 $100.0 mobius07 Passive mixed content issues on the site https://*.fanduel.com FanDuel Man-in-the-Middle
2018-12-19 $2000.0 reptou XSS in ubermovement.com via editable Google Sheets Uber Cross-site Scripting (XSS) - Stored