HackerOne Bug Bounty Disclosure: ldap-server-null-bind-connection-information-disclosureby0xmaruf
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by 0xmaruf 0xmaruf Report LDAP Server NULL Bind Connection...
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by 0xmaruf 0xmaruf Report LDAP Server NULL Bind Connection...
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by 0r10nh4ck 0r10nh4ck Report Sensitive Data Exposure via wp-config.php...
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by cdl cdl Report XXE on https:// via SpellCheck...
Programme HackerOne Nextcloud Nextcloud Submitted by lukasreschke lukasreschke Report Reflected XSS vulnerability with full CSP bypass in Nextcloud installations using...
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by colemanj colemanj Report XSS in ServiceNow logout https://:443...
Programme HackerOne WordPress WordPress Submitted by chip_sec chip_sec Report PII of users can be downloaded from export pages Full Report...
Programme HackerOne HackerOne HackerOne Submitted by iamr0000t iamr0000t Report HTML injection in email at https://www.hackerone.com/ Full Report A considerable...
Programme HackerOne GlassWire GlassWire Submitted by chip_sec chip_sec Report Facebook App API credentials leaked in the APK Full Report ...
Programme HackerOne LinkedIn LinkedIn Submitted by encodedguy encodedguy Report Delete any LinkedIn comment on learning API of other users Full...
Programme HackerOne LinkedIn LinkedIn Submitted by spaceboy20 spaceboy20 Report Attacker can unpin posts from companies he's not part of. Full...
Programme HackerOne LinkedIn LinkedIn Submitted by find_me_here find_me_here Report Attackers do not need to Pay for a Subscription to get...
Programme HackerOne IBM IBM Submitted by 0xpugazh 0xpugazh Report Moodle XSS on s-immerscio.comprehend.ibm.com Full Report A considerable amount of...
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Programme HackerOne IBM IBM Submitted by gdattacker gdattacker Report Subdomain Takeover Affecting at vex.weather.com Full Report A considerable amount...
Programme HackerOne Mattermost Mattermost Submitted by uchihaluckycs uchihaluckycs Report Reset password link sent over unsecured http protocol Full Report ...
Programme HackerOne Brave Software Brave Software Submitted by ameenbasha ameenbasha Report download file type warning on Windows does not appear...
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Programme HackerOne Elastic Elastic Submitted by lu3ky-13 lu3ky-13 Report blind Server-Side Request Forgery (SSRF) allows scanning internal ports Full Report...
Programme HackerOne Ruby Ruby Submitted by leixiao leixiao Report Header CRLF Injection in Ruby Net::HTTP Full Report A considerable...
Programme HackerOne Nextcloud Nextcloud Submitted by juliushaertl juliushaertl Report Hide download previews are accessible without a watermark Full Report ...
Programme HackerOne Nextcloud Nextcloud Submitted by meinereiner meinereiner Report App pin of the Android app can be bypassed via 3rdparty...
Programme HackerOne Nextcloud Nextcloud Submitted by nickvergessen nickvergessen Report Potential directory traversal in OC\Files\Node\Folder::getFullPath Full Report A considerable amount...
Programme HackerOne Nextcloud Nextcloud Submitted by juliushaertl juliushaertl Report Document content of files can be obtained through Collabora for files...
Programme HackerOne TD Bank TD Bank Submitted by def1ant def1ant Report Reflected XSS on marketsandresearch.td.com Full Report A considerable...