bugbounty技巧聚合20210721

H1漏洞报告

Ruby

OS Command Injection in ‘/lib/un.rb — Utilities to replace common UNIX commands in Makefiles etc’

Gitlab

[stored XSS in custom emoji](tored XSS in custom emoji)

Stored-XSS in merge requests

Acronis

Reflected XSS via “Error” parameter on https://admin.acronis.com/admin/su/

其他文章

Android screen lock protection thwarted by Facebook Messenger Rooms exploit

[Some URL shortener services distribute Android malware, including banking or SMS trojans](Some URL shortener services distribute Android malware, including banking or SMS trojans)

[Pentesting iOS| Starting With iOS Emulator Corellium & Re-signing IPA](Pentesting iOS| Starting With iOS Emulator Corellium & Re-signing IPA)

文字来源于- 火线 Zone-云安全社区,安全小天地只做文章分享,如有侵权,请联系站长删除


「渗透云记」公众号里主要记录我每天的所思所想,我会坚持更新质量不错的文章,感兴趣的小伙伴可以扫描下方二维码,谢谢支持! 安全小天地 - 公众号 - 渗透云记
© 版权声明
THE END
喜欢就支持一下吧
点赞7 分享
评论 抢沙发

请登录后发表评论

    请登录后查看评论内容