Recent Zimbra XXE / SSRF Vulnerability Disclosure (CVE-2019-9670) being actively exploited and could allow an attacker to RCE on an affected Zimbra system.
Between 22 Sep 2016 – 18 Feb 2017 passwords, private messages, API keys, and other sensitive data were leaked by Cloudflare to random requesters.
This article I got from an old board blacksun.box.sk written by Raven. Very good and entertaining article. Might be useful for you guys who ask for help especially to underground forums, underground newsgroup, or IRC channel.