Search results for keyword [Violation of Secure Design Principles]: 966 records in total

| Published | Bounty | Author | Title | Vendor | Vulnerability type |
|---|---|---|---|---|---|
| 2019-02-04 | $ | hossammesbah21 | ssl cookie without secure flag set | Mail.ru | Violation of Secure Design Principles |
| 2019-02-02 | $ | sxw | Missing Protection Mechanism in Mail Servers allows malicious user to use staff.ratelimited.me email could lead to identity theft. | RATELIMITED | Violation of Secure Design Principles |
| 2019-02-01 | $ | tomk | Remote attacker can impersonate Social users via ActivityPub API | Nextcloud | Deserialization of Untrusted Data |
| 2019-01-29 | $ | hamad_iheb | Secure Pages Include Mixed Content Issue | Eobot | Violation of Secure Design Principles |
| 2019-01-25 | $500.0 | cablej | IDOR in activateFuelCard id allows bulk lookup of driver uuids | Uber | Insecure Direct Object Reference (IDOR) |
| 2019-01-23 | $ | joaomatosf | Remote Code Execution (RCE) in a Sony WebSystem | Sony | Deserialization of Untrusted Data |
| 2019-01-23 | $ | joaomatosf | Remote Code Execution (RCE) in a Sony Pictures WebSystem | Sony | Deserialization of Untrusted Data |
| 2019-01-18 | $2940.0 | nyuszika7h | Changing email address on Twitter for Android unsets "Protect your Tweets" | Twitter | Privacy Violation |
| 2019-01-16 | $ | godexmachine | [3k.mail.ru] - Content spoofing | Mail.ru | Violation of Secure Design Principles |
| 2019-01-15 | $ | karlito | Disclose anonymous accessible link on embedded files in paper dropbox sessions | Dropbox | Insecure Direct Object Reference (IDOR) |
| 2019-01-11 | $ | jobert | Embedded submission form UUIDs can be enumerated through GraphQL node interface, exposing sensitive program details | HackerOne | Insecure Direct Object Reference (IDOR) |
| 2019-01-08 | $ | phreak | Production secret key leak in config/secrets.yml | Grabtaxi Holdings Pte Ltd | Cleartext Storage of Sensitive Information |
| 2019-01-07 | $200.0 | ronak_9889 | Comment restriction in subsection "Workshop" of domain "steamcommunity.com" can be bypassed using IDOR | Valve | Insecure Direct Object Reference (IDOR) |
| 2019-01-07 | $ | phsmile | Missing Two Factor Authentication in /admin/login | CFP Time | Violation of Secure Design Principles |
| 2019-01-07 | $ | badcracker | Error Page Content Spoofing or Text Injection | CFP Time | Violation of Secure Design Principles |