Hi,I’m @rickshang , The Chinese SRC ID is 无在无不在
I like working on novel attack techniques and finding crazy vulnerabilities
SRC Ranking #
- 2023
- 阔知SRC TOP1
- 极氪SRC TOP1
- 百度SRC 迅捷狙击奖-高质量漏洞产出者
- 2024:
- 看云SRC TOP1
- 平安SRC TOP9
- 顺丰SRC TOP10
- 新东方SRC TOP5 (年度最佳漏洞奖)
- 东方甄选SRC TOP1
- 完美世界SRC TOP5
- 途虎SRC TOP5
- 小鹏SRC TOP6
- 斗鱼SRC TOP1
- 哈啰SRC TOP1
- 百度SRC TOP11 (洞察巅峰奖-高质量漏洞产出者)
- 贝壳SRC TOP11
My CVE list: #
- CVE-2022-46181 XSS vulnerability in the application image file upload in gotify/server
- CVE-2023-22463 JwtSigKey hardcoded causes the k8s cluster to take over in kubeoperator/kubepi
There are other general vulnerabilities that I can’t publicly disclose yet because they haven’t been fixed
My open source project: #
Keep In Touch #
- 微信: xdujim
- QQ群: 575701862 (备注来自博客)