Programme HackerOne HackerOne HackerOne Submitted by buraaqsec buraaqsec Report Scope information is leaked when visiting policy scopes tab of any...
Programme HackerOne GitHub GitHub Submitted by ryotak ryotak Report Improper handling of null bytes in GitHub Actions Runner allows an...
Programme HackerOne Nextcloud Nextcloud Submitted by christophwurst christophwurst Report Mail app stores cleartext password in database until OAUTH2 setup is...
Programme HackerOne U.S. Department of State U.S. Department of State Submitted by tmz900 tmz900 Report RXSS on https://travel.state.gov/content/travel/en/search.html Full Report...
Programme HackerOne Stripe Stripe Submitted by phor3nsic phor3nsic Report Object injection in `stripe-billing-typographic` GitHub project via /auth/login Full Report A...
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by mattipv4 mattipv4 Report Extraction of Pages build scripts,...
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by czchen czchen Report Argo CD reconciles apps outside configured namespaces...
Programme HackerOne Nextcloud Nextcloud Submitted by rtod rtod Report Targeted phishing attacks in Login flow v2 Full Report A considerable...
Programme HackerOne Yelp Yelp Submitted by msgandole msgandole Report Direct access to tox.ini file which is contain configuration details Full...
Programme HackerOne Stripe Stripe Submitted by sn-shyk sn-shyk Report HTML Injection in the Invoice memos field Full Report A considerable...
Programme HackerOne Nextcloud Nextcloud Submitted by ctulhu ctulhu Report Messages can still be seen on conversation after expiring when cron...
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Programme HackerOne Stripe Stripe Submitted by ian ian Report Fee discounts can be redeemed many times, resulting in unlimited fee-free...
Programme HackerOne Automattic Automattic Submitted by 0xwega74 0xwega74 Report Stored XSS on app.crowdsignal.com your-subdomain.crowdsignal.net via Thank You Header Full Report...
Programme HackerOne Nextcloud Nextcloud Submitted by rullzer rullzer Report Download permissions can be changed by resharer Full Report A considerable...
Programme HackerOne Node.js Node.js Submitted by timon8 timon8 Report CRLF Injection in Nodejs undici via host Full Report A considerable...
Programme HackerOne Krisp Krisp Submitted by mikemyers mikemyers Report SQL Injection + Insecure Deserialization leads to Remote Code Execution on...
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Programme HackerOne U.S. Department of State U.S. Department of State Submitted by ismailu ismailu Report xss and html injection on...
Programme HackerOne curl curl Submitted by monnerat monnerat Report CVE-2023-23916: HTTP multi-header compression denial of service Full Report A considerable...
Programme HackerOne Twitter Twitter Submitted by eissen5c eissen5c Report The Deleted Polls is Still Accessable after 30 Days Full Report...
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by spell1 spell1 Report Splunk Sensitive Information Disclosure @axiellstore.usahec.org...
Programme HackerOne HackerOne HackerOne Submitted by syjane syjane Report HackerOne Undisclosed Report Leak via PoC of Full Disclosure on Hacktivity...
Programme HackerOne Nextcloud Nextcloud Submitted by lukasreschke lukasreschke Report Desktop client can be tricked into opening/executing local files when clicking...
