Programme HackerOne Reddit Reddit Submitted by zqyzoid zqyzoid Report Moderators can send messages to users from banned subreddits via `oauth.reddit.com/api/mod/conversations`...
Programme HackerOne Nextcloud Nextcloud Submitted by rtod rtod Report Federated editing allows iframing possibly malicious remotes Full Report A considerable...
Programme HackerOne TikTok TikTok Submitted by aidilarf_2000 aidilarf_2000 Report XSS Payload on TikTok Seller Center endpoint Full Report A considerable...
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by bombon bombon Report Bypassing Cache Deception Armor using...
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by mattipv4 mattipv4 Report Sign in with Apple works...
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-32207: Unpreserved file permissions Full Report
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by albertspedersen albertspedersen Report HTTP request smuggling with Origin...
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-32208: FTP-KRB bad message verification Full Report
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-32205: Set-Cookie denial of service Full Report
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-32206: HTTP compression denial of service Full Report
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by sainaen sainaen Report API docs expose an active...
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by mattipv4 mattipv4 Report Sign in with Apple generates...
Programme HackerOne curl curl Submitted by chen172 chen172 Report Credential leak when use two url Full Report
Programme HackerOne Reddit Reddit Submitted by bisesh bisesh Report Able to approve admin approval and change effective status without adding...
Programme HackerOne UPS VDP UPS VDP Submitted by 7odamo 7odamo Report Admin Authentication Bypass Lead to Admin Account Takeover Full...
Programme HackerOne Krisp Krisp Submitted by yassineaboukir yassineaboukir Report Authentication CSRF resulting in unauthorized account access on Krisp app Full...
Programme HackerOne Krisp Krisp Submitted by life__001 life__001 Report Add more seats by paying less via PUT /v2/seats request manipulation...
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Programme HackerOne Reddit Reddit Submitted by marvelmaniac marvelmaniac Report CSRF (protection bypassed) to force a below 18 user into viewing...
Programme HackerOne TikTok TikTok Submitted by aidilarf_2000 aidilarf_2000 Report Stored XSS on TikTok Live Form Full Report
Programme HackerOne curl curl Submitted by iylz iylz Report curl "globbing" can lead to denial of service attacks Full Report
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by ihsinme ihsinme Report CPP: Add query for CWE-243 Creation of...
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by porcupineyhairs porcupineyhairs Report Golang : Hardcoded secret used for signing...
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by porcupineyhairs porcupineyhairs Report Golang : Add Query To Detect PAM...
