R3: Exposed Prometheus instance at prometheus.qa.r3.com

Summary Hi there, just wanted to note that all of your assets are listed as out of scope on HackerOne right now, which is a bit confusing. Nevertheless, I noticed that your Prometheus server at prometheus.qa.r3.com is exposed to the internet, which appears to let you view all of the internal...

SQL Injection Vulnerability in ASK2 Q&A System Backend uid Parameter

ask2 Q&A system is whatsns product community, providing free version of the open source php Q&A system, integration of paid Q&A system, paid voice Q&A system, comes with a super collection of features, rapid station building, powerful seo optimization. ASK2 Q&A system background uid parameters...

Stored Cross-Site Scripting Vulnerability in ASK2 user.php

ASK2 Q&A system belongs to the Beijing Zhengying Network Technology Company's products , is a set of open source php Q&A system , integration of paid Q&A system , paid voice Q&A system . ASK2 user.php has a stored cross-site scripting vulnerability , because the system fails to strictly filter th...