Improper Access Control: Authenticated Resource Exposed via Wayback Machine Archive- Nasa sheets& docs Improper Access Control: Authenticated Resource Exposed via...
Possible Public Exposure of CONFIDENTIAL Document on NASA NTRS Possible Public Exposure of CONFIDENTIAL Document on NASA NTRS Researcher: b1t3x0p...
Exposed Python Script with Hardcoded SFTP Credentials, Internal IPs, and Sensitive Data Access Exposed Python Script with Hardcoded SFTP Credentials,...
Stored XSS in NASA ASRS Maintenance Form – Payload Executes on Print Page Stored XSS in NASA ASRS Maintenance Form...
Hardcoded API Key Found in Public NASA GitHub Repository Hardcoded API Key Found in Public NASA GitHub Repository Researcher: Uma_Maheshwar_Ayyala...
Information Disclosure through configuration and various logs Information Disclosure through configuration and various logs Researcher: yashjare Engagement: National Aeronautics and...
an confidential pdf regarding technical memorandom an confidential pdf regarding technical memorandom Researcher: SahilGadhe Engagement: National Aeronautics and Space Administration...
Reflected XSS on esto.nasa.gov allows arbitrary JavaScript execution and redirection Reflected XSS on esto.nasa.gov allows arbitrary JavaScript execution and redirection...
Public Exposure of Internal Calibration Planning File on heasarc.gsfc.nasa.gov (XMM-Newton) Public Exposure of Internal Calibration Planning File on heasarc.gsfc.nasa.gov (XMM-Newton)...
Public Exposure of Internal Calibration Planning File on heasarc.gsfc.nasa.gov (XMM-Newton) Public Exposure of Internal Calibration Planning File on heasarc.gsfc.nasa.gov (XMM-Newton)...
Company Name: Mozilla Company HackerOne URL: https://hackerone.com/mozilla Submitted By:samirsec0x01Link to Submitters Profile:https://hackerone.com/samirsec0x01 Report Title:Netlify Authentication Token Exposed in Public Mozilla...
Company Name: WakaTime Company HackerOne URL: https://hackerone.com/wakatime Submitted By:atasecLink to Submitters Profile:https://hackerone.com/atasec Report Title:user api key leakedReport Link:https://hackerone.com/reports/3098717Date Submitted:13 May...
Company Name: XVIDEOS Company HackerOne URL: https://hackerone.com/xvideos Submitted By:samtimeLink to Submitters Profile:https://hackerone.com/samtime Report Title:Enable 2FA without verifying the emailReport Link:https://hackerone.com/reports/3016540Date...
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:light3rLink to Submitters Profile:https://hackerone.com/light3r Report Title:Ability to access policy and updates for...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:oblivionsageLink to Submitters Profile:https://hackerone.com/oblivionsage Report Title:CRLF Injection in `--proxy-header` allows extra HTTP...
Company Name: IBM Company HackerOne URL: https://hackerone.com/ibm Submitted By:0x4bdoLink to Submitters Profile:https://hackerone.com/0x4bdo Report Title:Path Traversal Vulnerability found on IBM CloudReport...
Company Name: LinkedIn Company HackerOne URL: https://hackerone.com/linkedin Submitted By:nagu123Link to Submitters Profile:https://hackerone.com/nagu123 Report Title:HTML Injection in LinkedIn Premium Support ChatReport...
Company Name: RubyGems Company HackerOne URL: https://hackerone.com/rubygems Submitted By:jagat-singhLink to Submitters Profile:https://hackerone.com/jagat-singh Report Title:`/namesnsf` and all `/names*` files route to...
Company Name: IBM Company HackerOne URL: https://hackerone.com/ibm Submitted By:muhammadwaseem3Link to Submitters Profile:https://hackerone.com/muhammadwaseem3 Report Title:Middleware Authentication Bypass on IBM PortalReport Link:https://hackerone.com/reports/3088290Date...
Company Name: Dust Company HackerOne URL: https://hackerone.com/dust Submitted By:sjaluLink to Submitters Profile:https://hackerone.com/sjalu Report Title:Stored XSS in File Upload Leads to...
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Non-Production API Endpoint for the ElastiCache...
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Non-Production API Endpoints for the cloudwatch...
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Non-Production API Endpoints for the Glue...
Company Name: Dust Company HackerOne URL: https://hackerone.com/dust Submitted By:0xsom3aLink to Submitters Profile:https://hackerone.com/0xsom3a Report Title:Privilege Escalation in Edit and Create Secret...
