Company Name: Cloudflare Public Bug Bounty Company HackerOne URL: https://hackerone.com/cloudflare Submitted By:mega7Link to Submitters Profile:https://hackerone.com/mega7 Report Title:Basic XSS Report Link:https://hackerone.com/reports/1615743Date...
Company Name: MetaMask Company HackerOne URL: https://hackerone.com/metamask Submitted By:hackerontwowheelsLink to Submitters Profile:https://hackerone.com/hackerontwowheels Report Title:Arbitrary file write triggered by deeplink abuse...
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:light3rLink to Submitters Profile:https://hackerone.com/light3r Report Title:Banned user still able to invited to...
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:jobertLink to Submitters Profile:https://hackerone.com/jobert Report Title:Internal machine learning API endpoint for CWE...
Company Name: Rockstar Games Company HackerOne URL: https://hackerone.com/rockstargames Submitted By:0xshivamLink to Submitters Profile:https://hackerone.com/0xshivam Report Title:Improper Authentication inside the Rockstar Games...
Company Name: Rocket.Chat Company HackerOne URL: https://hackerone.com/rocket_chat Submitted By:fabianfreyerLink to Submitters Profile:https://hackerone.com/fabianfreyer Report Title:Server-side RCE through directory traversal-based arbitrary file...
Company Name: SHEIN Company HackerOne URL: https://hackerone.com/shein Submitted By:x1337loserLink to Submitters Profile:https://hackerone.com/x1337loser Report Title:RCE via npm misconfig -- installing internal...
Company Name: 8x8 Company HackerOne URL: https://hackerone.com/8x8 Submitted By:ssharmazLink to Submitters Profile:https://hackerone.com/ssharmaz Report Title:xss(r) vcc-na11.8x8.comReport Link:https://hackerone.com/reports/1392733Date Submitted:10 July 2023 A...
Company Name: Ruby on Rails Company HackerOne URL: https://hackerone.com/rails Submitted By:haqplLink to Submitters Profile:https://hackerone.com/haqpl Report Title:ActionView sanitize helper bypass leading...
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:nagliLink to Submitters Profile:https://hackerone.com/nagli Report Title:2M Reports on HackerOne Celebration! - Ability...
Company Name: Tennessee Valley Authority Company HackerOne URL: https://hackerone.com/tennessee-valley-authority Submitted By:dreamer_ehLink to Submitters Profile:https://hackerone.com/dreamer_eh Report Title:Rate limit missing sign-in pageReport...
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:the_arch_angelLink to Submitters Profile:https://hackerone.com/the_arch_angel Report Title:Asset Inventory Internal Descriptions are leaked in...
Company Name: TikTok Company HackerOne URL: https://hackerone.com/tiktok Submitted By:zerodyLink to Submitters Profile:https://hackerone.com/zerody Report Title:CSRF protection bypass on TikTok Webcast EndpointsReport...
Company Name: Internet Bug Bounty Company HackerOne URL: https://hackerone.com/ibb Submitted By:sw0rd1ightLink to Submitters Profile:https://hackerone.com/sw0rd1ight Report Title:CVE-2023-28710 Apache Airflow Spark Provider...
Company Name: Nextcloud Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:polapain1337Link to Submitters Profile:https://hackerone.com/polapain1337 Report Title:Brute force protection allows to send more...
NAME__________UNISOC mobile phone chipsets for Android denial of servicePlatforms Affected:Unisoc SC9863A Unisoc SC9832E Unisoc SC7731E Unisoc T610 Unisoc T606 Unisoc...
NAME__________Quiz Expert plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Quiz Expert Plugin for WordPress 1.5.0Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Quiz Expert plugin...
NAME__________JetBrains YouTrack security bypassPlatforms Affected:JetBrains YouTrack 2023.1Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________JetBrains YouTrack could allow a remote attacker to bypass security restrictions,...
NAME__________AVG Anti-Spyware code executionPlatforms Affected:AVG AVG Anti-Spyware 7.5Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________AVG Anti-Spyware could allow a local authenticated attacker to execute...
NAME__________Template Debugger plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Template Debugger Plugin for WordPress 3.1.2Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Template Debugger plugin...
NAME__________Galleria plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Galleria Plugin for WordPress 1.0.3Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Galleria plugin for WordPress is...
NAME__________WP RSS Images Slider Plugin for Videos plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress WP RSS Images Plugin for WordPress...
NAME__________UNISOC mobile phone chipsets for Android information disclosurePlatforms Affected:Unisoc SC9863A Unisoc SC9832E Unisoc SC7731E Unisoc T610 Unisoc T606 Unisoc T760...
NAME__________SAP S/4HANA security bypassPlatforms Affected:SAP S/4HANA 104 SAP S/4HANA 105 SAP S/4HANA 106 SAP S/4HANA 107Risk Level:6.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________SAP S/4HANA...
