v1.2.1 - HIGH + MEDIUM bug-bounty content backlog
New payload cards and ready-to-run scripts, both locales (RU + EN).
CVE payload cards + PoC scripts
- React2Shell - unauth RSC Flight RCE (CVE-2025-55182)
- PDF.js FontMatrix JS execution on PDF render (CVE-2024-4367)
- Grafana "Ghost" - client-side traversal -> plugin XSS -> ATO (CVE-2025-4123)
Payloads
- Swagger UI
?configUrl=DOM-XSS via a remote spec - PasteJacking / clipboard blind XSS
- Google / Gemini API-key abuse (validate, billable call, referrer/app bypass)
Recon / discovery scripts
- Swagger configUrl probe + WordPress XML-RPC abuse (API scripts)
- IIS 8.3 short-name enumeration (discovery)
- S3-URL-from-JS harvester (origin & buckets)
- waymore pipeline (wayback / archive)
Seed 5294 entries. All gates green (tsc 0, vitest 18/18, server + static builds). The live demo auto-redeploys to GitHub Pages.