InfoSec News & Tutorials
Programme HackerOne LinkedIn LinkedIn Submitted by tushar6378 tushar6378 Report Unauthorized User can View Subscribers of Other Users Newsletters Full Report A considerable amount of time and effort goes into…
Programme HackerOne LINE LINE Submitted by yinmo yinmo Report iOS group chat denial of service Full Report A considerable amount of time and effort goes into maintaining this website,…
Programme HackerOne LINE LINE Submitted by rioncool22 rioncool22 Report Stored XSS Via Filename On https://partners.line.me/ Full Report A considerable amount of time and effort goes into maintaining this website,…
Programme HackerOne LINE LINE Submitted by tosun tosun Report Path traversal in a Tomcat server Full Report A considerable amount of time and effort goes into maintaining this website,…
Programme HackerOne 8x8 8x8 Submitted by shriyanss shriyanss Report speedtest.8x8.com: Enabled Directory Listing Full Report A considerable amount of time and effort goes into maintaining this website, creating backend…
Programme HackerOne LINE LINE Submitted by tosun tosun Report Debugging panel exposure Full Report A considerable amount of time and effort goes into maintaining this website, creating backend automation…
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by boy_child_ boy_child_ Report Bypassing creation of API tokens without email verification Full Report A considerable amount of…
Programme HackerOne Nextcloud Nextcloud Submitted by shakierbellows shakierbellows Report Cards in Deck are readable by any user Full Report A considerable amount of time and effort goes into maintaining…
Programme HackerOne Nextcloud Nextcloud Submitted by bncrypted bncrypted Report Arbitrary read of all SVG files on a Nextcloud server Full Report A considerable amount of time and effort goes…
Programme HackerOne Nextcloud Nextcloud Submitted by bncrypted bncrypted Report Lack of bruteforce protection for TOTP 2FA Full Report A considerable amount of time and effort goes into maintaining this…
Programme HackerOne U.S. Department of State U.S. Department of State Submitted by qualw1n qualw1n Report Accessing unauthorized administration pages and seeing admin password - speakerkit.state.gov Full Report A considerable…
Programme HackerOne Nextcloud Nextcloud Submitted by lukasreschke lukasreschke Report Chat room member disclosure via autocomplete API Full Report A considerable amount of time and effort goes into maintaining this…
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by pwnesec pwnesec Report DoS at (CVE-2018-6389) Full Report A considerable amount of time and effort goes into…
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by 0xd3adc0de 0xd3adc0de Report Reflected XSS in Full Report A considerable amount of time and effort goes into…
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by rodriguezjorgex rodriguezjorgex Report Path traversal leads to reading of local files on and Full Report A considerable…
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by 0xd3adc0de 0xd3adc0de Report Reflected XSS in Full Report A considerable amount of time and effort goes into…
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by 0xd3adc0de 0xd3adc0de Report Reflected XSS in Full Report A considerable amount of time and effort goes into…
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by iam_a_jinchuriki iam_a_jinchuriki Report xmlrpc.php file enabled at .org Full Report A considerable amount of time and effort…
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by miguel_santareno miguel_santareno Report Improper Access Control on Media Wiki allows an attackers to restart installation on DoD asset…
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by abhinavsecondary abhinavsecondary Report HAProxy stats panel exposed externally Full Report A considerable amount of time and effort…
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by abhinavsecondary abhinavsecondary Report Client side authentication leads to Auth Bypass Full Report A considerable amount of time…
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by nyxsorcerer nyxsorcerer Report Apache HTTP Server: mod_proxy_uwsgi HTTP response splitting (CVE-2023-27522) Full Report A considerable amount of time and…
Programme HackerOne Uber Uber Submitted by zhero_ zhero_ Report DOM based XSS via insecure parameter on [ https://uberpay-mock-psp.uber.com ] Full Report A considerable amount of time and effort goes…
Programme HackerOne Uber Uber Submitted by zhero_ zhero_ Report HTML injection via insecure parameter [https://www.ubercarshare.com/] Full Report A considerable amount of time and effort goes into maintaining this website,…