关键字【jobert】的搜索结果共36记录

公开时间 奖金 作者 标题 厂商 漏洞类型
2018-11-30 $ jobert SQL injection in GraphQL endpoint through embedded_submission_form_uuid parameter HackerOne SQL Injection
2018-11-29 $ jobert Attacker can claim credentials for private program that has a published external program HackerOne Information Disclosure
2018-10-09 $ jobert Unauthenticated user can upload an attachment to the last updated report draft HackerOne Improper Null Termination
2018-08-21 $ jobert Wormable stored XSS in www.evernote.com Evernote none
2018-05-24 $750.0 jobert GitHub import allows user to create child group under existing namespace GitLab Improper Access Control - Generic
2018-04-27 $2000.0 jobert GitLab CI runner can read and poison cache of all other projects GitLab Path Traversal
2018-04-27 $750.0 jobert Evaluating Ruby code by injecting Rescue job on the system_hook_push queue through web hook GitLab Server-Side Request Forgery (SSRF)
2018-04-27 $2000.0 jobert Command injection by overwriting authorized_keys file through GitLab import GitLab Command Injection - Generic
2018-04-27 $2000.0 jobert SQL injection in MilestoneFinder order method GitLab SQL Injection
2017-10-03 $ jobert Race condition in GitLab import, giving access to other people their imports due to filename collision GitLab Information Disclosure
2017-06-08 $ jobert GFM renderer leaks external issue tracker URL of private project GitLab Information Disclosure
2017-05-09 $ jobert Stored XSS on Files overview by abusing git submodule URL GitLab Cross-site Scripting (XSS) - Stored
2017-04-12 $400.0 jobert Client can redirect payment, causing payment discrepancy between Harvest and PayPal Harvest Business Logic Errors
2017-01-23 $ jobert Users can download old project exports due to unclaimed namespace GitLab Information Disclosure
2017-01-23 $ jobert Every user can delete public deploy keys GitLab Privilege Escalation