bugbounty技巧聚合20211108

漏洞报告

【MariaDB】Path Traversal CVE-2021-26086 CVE-2021-26085
https://hackerone.com/reports/1369288

【Logitech】clickjacking on deleting user’s clips [https://crossclip.com/clips]
https://hackerone.com/reports/1294767

【HackerOne 1000刀】HackerOne Staging uses Production data for testing
https://hackerone.com/reports/1392511

【Kubernetes 100刀】Broken Link Hijacking on kubernetes.io Documentation
https://hackerone.com/reports/1331361

【Kubernetes 250刀】Broken link hijacing in https://kubernetes-csi.github.io/docs/drivers.html
https://hackerone.com/reports/1212853

挖洞技巧

Firebase Cloud Messaging Service Takeover: A small research that led to 30k$+ in bounties
https://abss.me/posts/fcm-takeover/

The Speckle Umbrella story — part 2
https://irsl.medium.com/the-speckle-umbrella-story-part-2-fcc0193614ea

文字来源于- 火线 Zone-云安全社区,安全小天地只做文章分享,如有侵权,请联系站长删除


「渗透云记」公众号里主要记录我每天的所思所想,我会坚持更新质量不错的文章,感兴趣的小伙伴可以扫描下方二维码,谢谢支持! 安全小天地 - 公众号 - 渗透云记
© 版权声明
THE END
喜欢就支持一下吧
点赞10 分享
评论 抢沙发

请登录后发表评论

    请登录后查看评论内容