Bug Bounty

hackerone

HackerOne Bug Bounty Disclosure: disclosing-policypageassetgroup-in-private-programs-via-graphql-gid-hackerone-policypageassetgroupsindex-policypageassetgroup-id-haxta-ok

January 21, 2025

Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:haxta4ok00Link to Submitters Profile:https://hackerone.com/haxta4ok00 Report Title:Disclosing PolicyPageAssetGroup in Private Programs via /graphql...

Read MoreRead more about HackerOne Bug Bounty Disclosure: disclosing-policypageassetgroup-in-private-programs-via-graphql-gid-hackerone-policypageassetgroupsindex-policypageassetgroup-id-haxta-ok
hackerone

HackerOne Bug Bounty Disclosure: object-level-access-control-leads-to-reading-user-s-full-requests-sessions-and-error-messages-mester-x

January 18, 2025

Company Name: Yelp Company HackerOne URL: https://hackerone.com/yelp Submitted By:mester_xLink to Submitters Profile:https://hackerone.com/mester_x Report Title:Object Level access control leads to reading...

Read MoreRead more about HackerOne Bug Bounty Disclosure: object-level-access-control-leads-to-reading-user-s-full-requests-sessions-and-error-messages-mester-x
hackerone

HackerOne Bug Bounty Disclosure: waf-bypass-and-java-script-incomplete-handling-of-unicode-characters-might-leads-to-dom-xss-clubbable

January 13, 2025

Company Name: Doppler Company HackerOne URL: https://hackerone.com/doppler Submitted By:clubbableLink to Submitters Profile:https://hackerone.com/clubbable Report Title:WAF bypass and java script incomplete handling...

Read MoreRead more about HackerOne Bug Bounty Disclosure: waf-bypass-and-java-script-incomplete-handling-of-unicode-characters-might-leads-to-dom-xss-clubbable
hackerone

HackerOne Bug Bounty Disclosure: unauthenticated-path-traversal-and-command-injection-in-trellix-enterprise-security-manager-r-v

January 12, 2025

Company Name: Trellix Company HackerOne URL: https://hackerone.com/trellix Submitted By:r4vLink to Submitters Profile:https://hackerone.com/r4v Report Title:Unauthenticated Path Traversal and Command Injection in...

Read MoreRead more about HackerOne Bug Bounty Disclosure: unauthenticated-path-traversal-and-command-injection-in-trellix-enterprise-security-manager-r-v
hackerone

HackerOne Bug Bounty Disclosure: -oem-acronis-com-reflected-cross-site-scripting-darkdream

December 28, 2024

Company Name: Acronis Company HackerOne URL: https://hackerone.com/acronis Submitted By:darkdreamLink to Submitters Profile:https://hackerone.com/darkdream Report Title:acroniscom] Reflected Cross Site Scripting Report Link:https://hackerone.com/reports/2038943Date...

Read MoreRead more about HackerOne Bug Bounty Disclosure: -oem-acronis-com-reflected-cross-site-scripting-darkdream
hackerone

HackerOne Bug Bounty Disclosure: a-potential-risk-in-the-aws-lambda-ecs-run-task-which-can-be-used-to-privilege-escalation-zolaer

December 27, 2024

Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:zolaer9527Link to Submitters Profile:https://hackerone.com/zolaer9527 Report Title:A potential risk in the aws-lambda-ecs-run-task...

Read MoreRead more about HackerOne Bug Bounty Disclosure: a-potential-risk-in-the-aws-lambda-ecs-run-task-which-can-be-used-to-privilege-escalation-zolaer
hackerone

HackerOne Bug Bounty Disclosure: hackers-attack-curl-vulnerability-accessing-sensitive-information-scottarterbury

December 27, 2024

Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:scottarterburyLink to Submitters Profile:https://hackerone.com/scottarterbury Report Title:Hackers Attack Curl Vulnerability Accessing Sensitive InformationReport...

Read MoreRead more about HackerOne Bug Bounty Disclosure: hackers-attack-curl-vulnerability-accessing-sensitive-information-scottarterbury
hackerone

HackerOne Bug Bounty Disclosure: access-to-limited-confidential-information-of-private-program-as-a-ex-reporter-report-participant-external-user-ex-staff-member-sarthakbhingare

December 24, 2024

Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:sarthakbhingare015Link to Submitters Profile:https://hackerone.com/sarthakbhingare015 Report Title:Access to limited confidential information of private...

Read MoreRead more about HackerOne Bug Bounty Disclosure: access-to-limited-confidential-information-of-private-program-as-a-ex-reporter-report-participant-external-user-ex-staff-member-sarthakbhingare
hackerone

HackerOne Bug Bounty Disclosure: bypass-upgrade-to-add-project-restriction-in-free-account-to-create-multiple-projects-without-upgrading-mrm-nk

December 20, 2024

Company Name: Basecamp Company HackerOne URL: https://hackerone.com/basecamp Submitted By:mrm0nkLink to Submitters Profile:https://hackerone.com/mrm0nk Report Title:Bypass "Upgrade To Add Project" Restriction in...

Read MoreRead more about HackerOne Bug Bounty Disclosure: bypass-upgrade-to-add-project-restriction-in-free-account-to-create-multiple-projects-without-upgrading-mrm-nk
hackerone

HackerOne Bug Bounty Disclosure: bypass-of-this-fixed-inadequate-protocol-restriction-enforcement-in-curl-hackeriron

December 19, 2024

Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:hackeriron1Link to Submitters Profile:https://hackerone.com/hackeriron1 Report Title:bypass of this Fixed #2437131 Report Link:https://hackerone.com/reports/2905552Date...

Read MoreRead more about HackerOne Bug Bounty Disclosure: bypass-of-this-fixed-inadequate-protocol-restriction-enforcement-in-curl-hackeriron

You may have missed

unlock_membership

Mastering Mobile Device Security for a Safer Digital Life

July 16, 2025
HIBP-Banner-1

MaReads – 74,453 breached accounts

July 16, 2025
image

CVE Alert: CVE-2025-7600

July 16, 2025
image

CVE Alert: CVE-2025-7596

July 16, 2025
image

CVE Alert: CVE-2025-7597

July 16, 2025