ProtonMail, not playing by the rules, hahaha~
Solidot | ProtonMail removes the statement that it does not log user IPs from its website
QIWI
#1266659 Subdomain Takeover on 1c-start.tochka.com pointing to unbouncepages
Zomato
#743345 HTML injection leads to reflected XSS
[#738810 HTML Injection @ /restaurant]/order endpoint.
Open-Xchange
#1132160 Path Traversal in dict-fs and no-check Escape Character in oauth2-jwt
The exploit for CVE-2021-26084 submitted to https://confluence.eng.vmware.com/ was leaked by someone, but VMware refuses to acknowledge it, hahaha~
https://tradahacking.vn/atlassian-confluence-cve-2021-26084-the-other-side-of-bug-bounty-45ed19c814f6
https://xhzeem.me/posts/SSRF-in-PDF-export-with-PhantomJs/read/
Fileless exe
https://github.com/aaaddress1/PR0CESS/tree/main/miniGhosting