Based on the description this seems to be improper authorisation. An authenticated user can access data that it’s not supposed to (I assume you need to log in to see the data). The site in question should have a security contact where you can send your proven finding. Something like security@company.com or cert@company.com. They will usually require GPG encryption so the misconfigurstion you are reporting is not snooped (the attachment should be enough).

Skłodowska

Noticed the same problem, however, Super + R is an Explorer shortcut. If it’s not running it should not work. Ctrl + Art + Del should still work as it’s read by the Winlogon process but from there you can ran run task manager which he deleted. Cmd.exe is still available and there are ways to boot into the OS with it’s window starting automatically. Definetly would have loved to see CSRSS.exe or ntoskrnl.exe get deleted or any other core component.

As far as I know, OVH has a domain transfer service.

According to some posts online you should use pattern matching to exclude filetypes. “*.ink” should match any file ending in “ink”. Exclusions should be separated by a newline.