-
According to [OWASP guidance on unrestricted file uploads](https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload)
> Uploaded files represent a significant risk to applications. T…
-
### Name
ANDRI
### Discord Username (if applicable)
andrihomesec#1337
### Additional Context
Thank you for accepting me as a member of your organization, for that let me introduce myself. My name…
-
This was originally reported to ZAP via BugCrowd.
We rated it as a LOW vulnerability and gave the reporter permission to disclose it, which they have done as [CVE-2022-27820](https://nvd.nist.gov/v…
-
Hello, all 24 public programs below aren't fetched. I think it's something to do with the new URL format engagements/xxxxxx, maybe?
https://bugcrowd.com/engagements/odesk
https://bugcrowd.com/e…
-
I'd like ZAP to be able to discover common sub-domains of the targeted site.
Maybe not like an in-depth brute force scan but to check out common domains such as
mobile.target, m.target that tend t…
-
Can we add `Privilege Escalation` as a subcategory of `Broken Access Controls`?
At our organization, priv esc more commonly manifests from access control vulns than authentication or session vulns.
…
-
**Current Behavior**
has been a consistent contributor and community member.
**Desired Situation**
Let's recognize as a contributor and community member by creating a profile on https://layer…
-
### Name
ANDRI
### Additional Context
Thank you for accepting me as a member of your organization, for that let me introduce myself. My name is ANDRI, I have a high curiosity, a strong willingness …
-
The fix to get URL from anchor tag of Bugcrowd scope is not working. It seems like something from Bugcrowd's end changed.
https://github.com/sw33tLie/bbscope/commit/99fef9fe7a3f6eace1b2d03ec2abc8ce…