Programme HackerOne EXNESS EXNESS Submitted by nearsecurity nearsecurity Report Universal XSS in webview. Lead to steal user cookies Full Report
Programme HackerOne Nextcloud Nextcloud Submitted by geekysherlock geekysherlock Report Sensitive files/ data exists post deletion of user account Full Report
Programme HackerOne GitLab GitLab Submitted by joaxcar joaxcar Report Arbitrary POST request as victim user from HTML injection in Jupyter...
Programme HackerOne lemlist lemlist Submitted by ondermedia ondermedia Report Clickjacking at app.lemlist.com Full Report
Programme HackerOne Nextcloud Nextcloud Submitted by ctulhu ctulhu Report Error in Deleting Deck cards attachment reveals the full path of...
Programme HackerOne Nextcloud Nextcloud Submitted by supr4s supr4s Report Nextcloud Deck : Possibility for anyone to add a stack with...
Programme HackerOne GitLab GitLab Submitted by kannthu kannthu Report Stored XSS in repository file viewer Full Report
Programme HackerOne Slack Slack Submitted by smitgharat0001 smitgharat0001 Report Email html Injection Full Report
Programme HackerOne TikTok TikTok Submitted by cancerz cancerz Report XSS and iframe injection on tiktok ads portal using redirect params...
Programme HackerOne Phabricator Phabricator Submitted by dyls dyls Report Conduit feed.publish API allows you to spoof other users or make...
Programme HackerOne Glovo Glovo Submitted by 0f1c3r 0f1c3r Report Integer overflow vulnerability Full Report
Programme HackerOne lemlist lemlist Submitted by omarelfarsaoui omarelfarsaoui Report Improper handling of payment lead to bypass payment Full Report
Programme HackerOne curl curl Submitted by sybr sybr Report CVE-2022-27781: CERTINFO never-ending busy-loop Full Report
Programme HackerOne lemlist lemlist Submitted by mr23r0 mr23r0 Report Security misconfiguration Full Report
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by albertspedersen albertspedersen Report HTTP Request Smuggling in Transform...
Programme HackerOne Automattic Automattic Submitted by sawrav-chowdhury sawrav-chowdhury Report Site information's Display Name section vulnerable for XSS attacks and HTML...
Programme HackerOne SMTP2GO BBP SMTP2GO BBP Submitted by mrrobot2050 mrrobot2050 Report Origin IP found, WAF Cloudflare Bypass Full Report
Programme HackerOne Consensys Consensys Submitted by polem4rch polem4rch Report Public Postman Api Collection Leaks Internal access to https://assets-paris-dev.codefi.network/ Full Report
Programme HackerOne MTN Group MTN Group Submitted by ibrahimatix0x01 ibrahimatix0x01 Report Download full backup Full Report
Programme HackerOne Shopify Shopify Submitted by zambo zambo Report Disclose STUFF member name and make actions. Full Report
Programme HackerOne curl curl Submitted by iylz iylz Report Credential leak on redirect Full Report
Programme HackerOne Shopify Shopify Submitted by zambo zambo Report Disclose customer orders details by shopify chat application. Full Report
Programme HackerOne curl curl Submitted by nyymi nyymi Report Cookie injection from non-secure context Full Report
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by luchua luchua Report CWE-016: Query to detect insecure configuration of...
