HackerOne Bug Bounty Disclosure: testing-flow-includes-a-deepsource-secretbytriplesided
Programme HackerOne Weblate Weblate Submitted by triplesided triplesided Report Testing flow includes a DeepSource secret Full Report A considerable...
bug bounty
BugCrowd Bug Bounty Disclosure: – Linux client – command injection – local privilege escalation – By mmmdspl
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: session-mismatch-leading-to-potential-account-takeover-(local-access-required)byostracize
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by ostracize ostracize Report Session mismatch leading to potential...
HackerOne Bug Bounty Disclosure: website-php-source-code-returned-in-javascriptbymdfarhanchowdhuryhasin
Programme HackerOne Nextcloud Nextcloud Submitted by mdfarhanchowdhuryhasin mdfarhanchowdhuryhasin Report Website PHP source code returned in javascript Full Report A...
HackerOne Bug Bounty Disclosure: ability-to-control-the-filename-when-uploading-a-logo-or-favicon-on-themingbyctulhu
Programme HackerOne Nextcloud Nextcloud Submitted by ctulhu ctulhu Report Ability to control the filename when uploading a logo or favicon...
HackerOne Bug Bounty Disclosure: full-passcode-bypass-on-nextcloud-app-iosbyctulhu
Programme HackerOne Nextcloud Nextcloud Submitted by ctulhu ctulhu Report Full Passcode bypass on Nextcloud App iOS Full Report A...
HackerOne Bug Bounty Disclosure: use-of-cryptographically-weak-pseudo-random-number-generator-in-webcrypto-keygenbybn00rdhuis
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by bn00rdhuis bn00rdhuis Report Use of Cryptographically Weak Pseudo-Random Number Generator...
HackerOne Bug Bounty Disclosure: inadequate-encryption-strength-in-nodejs-current-reads-openssl-cnf-from-/home/iojs/build/—-upon-startup-on-macosbymhdawson_
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by mhdawson_ mhdawson_ Report Inadequate Encryption Strength in nodejs-current reads openssl.cnf...
HackerOne Bug Bounty Disclosure: http-request-smuggling-due-to-incorrect-parsing-of-header-fieldsbyvwx7
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by vwx7 vwx7 Report HTTP Request Smuggling Due to Incorrect Parsing...
HackerOne Bug Bounty Disclosure: [shop-resmed-com]csrf-leads-to–unsubscribe-victim-from-communication-and–reward-membershipbypranav-pranayx01
Programme HackerOne ResMed ResMed Submitted by pranav-pranayx01 pranav-pranayx01 Report CSRF leads to Unsubscribe victim from Communication and Reward Membership Full...
BugCrowd Bug Bounty Disclosure: – Clickjacking with reflected xss and redirected to google – By Orange_hacker
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Auth.Tesla.com Account Takeover of Internal Tesla Accounts – By evanconnelly
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: csrf-protection-on-oidc-login-is-brokenbymikaelgundersen
Programme HackerOne Nextcloud Nextcloud Submitted by mikaelgundersen mikaelgundersen Report CSRF protection on OIDC login is broken Full Report A...
HackerOne Bug Bounty Disclosure: full-account-takeover-on-*-unibet-com-due-to-crossdomain-xml-and-akamaiplayer-loadercontextbyfransrosen
Programme HackerOne Kindred Group Kindred Group Submitted by fransrosen fransrosen Report Full Account Takeover on *.unibet.com due to crossdomain.xml and...
HackerOne Bug Bounty Disclosure: [unibet-com]-delete-messages-via-idor-at-/mom-api/messages/unibet_@unibet/bynaaash
Programme HackerOne Kindred Group Kindred Group Submitted by naaash naaash Report Delete messages via IDOR at /mom-api/messages/unibet_@unibet/ Full Report ...
HackerOne Bug Bounty Disclosure: [www-32red-com]-reverse-proxy-misconfiguration-leads-to-1-click-account-takeoverbysw33tlie
Programme HackerOne Kindred Group Kindred Group Submitted by sw33tlie sw33tlie Report Reverse proxy misconfiguration leads to 1-click account takeover Full...
HackerOne Bug Bounty Disclosure: dangling-dns-record-docs-jitsi-net-(unsuccessful-gsuite-takeover)bybababounty99
Programme HackerOne 8x8 Bounty 8x8 Bounty Submitted by bababounty99 bababounty99 Report Dangling DNS Record docs.jitsi.net (unsuccessful GSuite takeover) Full Report...
BugCrowd Bug Bounty Disclosure: – Linux client – Lack of certificate validation leading to RCE – By mmmdspl
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: unauthorized-user-can-view-subscribers-of-other-users-newslettersbytushar6378
Programme HackerOne LinkedIn LinkedIn Submitted by tushar6378 tushar6378 Report Unauthorized User can View Subscribers of Other Users Newsletters Full Report...
HackerOne Bug Bounty Disclosure: ios-group-chat-denial-of-servicebyyinmo
Programme HackerOne LINE LINE Submitted by yinmo yinmo Report iOS group chat denial of service Full Report A considerable...
HackerOne Bug Bounty Disclosure: stored-xss-via-filename-on-https://partners-line-me/byrioncool22
Programme HackerOne LINE LINE Submitted by rioncool22 rioncool22 Report Stored XSS Via Filename On https://partners.line.me/ Full Report A considerable...
HackerOne Bug Bounty Disclosure: path-traversal-in-a-tomcat-serverbytosun
Programme HackerOne LINE LINE Submitted by tosun tosun Report Path traversal in a Tomcat server Full Report A considerable...
HackerOne Bug Bounty Disclosure: speedtest-8×8-com:-enabled-directory-listingbyshriyanss
Programme HackerOne 8x8 8x8 Submitted by shriyanss shriyanss Report speedtest.8x8.com: Enabled Directory Listing Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: debugging-panel-exposurebytosun
Programme HackerOne LINE LINE Submitted by tosun tosun Report Debugging panel exposure Full Report A considerable amount of time...
