HackerOne Bug Bounty Disclosure: idor-leads-to-account-takeover-without-user-interactionbytheranger
Programme HackerOne MTN Group MTN Group Submitted by theranger theranger Report IDOR Leads To Account Takeover Without User Interaction Full...
Bug Bounty
HackerOne Bug Bounty Disclosure: password-disclosure-in-initial-setup-of-mail-appbyanna_larch
Programme HackerOne Nextcloud Nextcloud Submitted by anna_larch anna_larch Report Password disclosure in initial setup of Mail App Full Report A...
HackerOne Bug Bounty Disclosure: path-traversal-vulnerability-in-grafana-8-x-allows-“-local-file-read-“bya-heybati
Programme HackerOne MTN Group MTN Group Submitted by a-heybati a-heybati Report path traversal vulnerability in Grafana 8.x allows " local...
HackerOne Bug Bounty Disclosure: weak/auto-fill-passwordbyharrisoft
Programme HackerOne MTN Group MTN Group Submitted by harrisoft harrisoft Report Weak/Auto Fill Password Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: unauthenticated-ssrf-in-3rd-party-module-“cerdic/csstidy”byeg42
Programme HackerOne Nextcloud Nextcloud Submitted by eg42 eg42 Report Unauthenticated SSRF in 3rd party module "cerdic/csstidy" Full Report A considerable...
HackerOne Bug Bounty Disclosure: federated-share-accepting/declining-is-not-logged-in-audit-logbyrtod
Programme HackerOne Nextcloud Nextcloud Submitted by rtod rtod Report Federated share accepting/declining is not logged in audit log Full Report...
HackerOne Bug Bounty Disclosure: brute-force-protections-don’t-workbynickvergessen
Programme HackerOne Nextcloud Nextcloud Submitted by nickvergessen nickvergessen Report Brute force protections don't work Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: wordpress-users-disclosure-from-json-and-xml-filebydrak3hft7
Programme HackerOne MTN Group MTN Group Submitted by drak3hft7 drak3hft7 Report Wordpress users disclosure from json and xml file Full...
HackerOne Bug Bounty Disclosure: any-expired-reset-password-link-can-still-be-used-to-reset-the-passwordbymrccrqr
Programme HackerOne Acronis Acronis Submitted by mrccrqr mrccrqr Report Any expired reset password link can still be used to reset...
HackerOne Bug Bounty Disclosure: api-key-reported-in-#1465145-not-rotated-and-thus-is-still-valid-and-can-be-used-by-anyonebyaneeeketh
Programme HackerOne Adobe Adobe Submitted by aneeeketh aneeeketh Report API Key reported in #1465145 not rotated and thus is still...
BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: blind-ssrf-on-platform-dash-cloudflare-com-due-to-sentry-misconfigurationbylohigowda
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by lohigowda lohigowda Report Blind SSRF on platform.dash.cloudflare.com Due...
HackerOne Bug Bounty Disclosure: cve-2022-35252:-control-code-in-cookie-denial-of-servicebyhaxatron1
Programme HackerOne curl curl Submitted by haxatron1 haxatron1 Report CVE-2022-35252: control code in cookie denial of service Full Report A...
HackerOne Bug Bounty Disclosure: enable-2fa-verification-without-verifying-email-leads-account-takeoverbymotu-vai
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by motu-vai motu-vai Report Enable 2Fa verification without verifying...
BugCrowd Bug Bounty Disclosure: – Html injection in Send email to recipient – By rynexx
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: unauthorized-accessbymega7
Programme HackerOne GitLab GitLab Submitted by mega7 mega7 Report Unauthorized access Full Report A considerable amount of time and effort...
HackerOne Bug Bounty Disclosure: non-revoked-api-key-information-disclosure-via-stripo_report()bydeb0con
Programme HackerOne Stripo Inc Stripo Inc Submitted by deb0con deb0con Report Non-revoked API Key Information disclosure via Stripo_report() Full Report...
HackerOne Bug Bounty Disclosure: pause-based-desync-in-apache-httpdbyalbinowax
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by albinowax albinowax Report Pause-based desync in Apache HTTPD Full Report...
HackerOne Bug Bounty Disclosure: default-login-credentials-on-https://broadbandmaps-mtn-com-gh/bytheranger
Programme HackerOne MTN Group MTN Group Submitted by theranger theranger Report Default Login Credentials on https://broadbandmaps.mtn.com.gh/ Full Report A considerable...
HackerOne Bug Bounty Disclosure: support-invisionpower-com-takeover-the-subdomain-with-zendeskbyfthacker101
Programme HackerOne Invision Power Services, Inc. Invision Power Services, Inc. Submitted by fthacker101 fthacker101 Report support.invisionpower.com takeover the subdomain with...
HackerOne Bug Bounty Disclosure: golang-expvar-information-disclosurebymustafa_farrag
Programme HackerOne Uber Uber Submitted by mustafa_farrag mustafa_farrag Report Golang expvar Information Disclosure Full Report A considerable amount of time...
BugCrowd Bug Bounty Disclosure: – XSS via Google Drive – https://www.indeed.jobs/career/Profile – By CGuillaume
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – No Rate Limiting on resend email option when signing up for an account – By CyberKey
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Self XSS on my.indeed.com affecting multiple input fields – By iman122
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
