HackerOne Bug Bounty Disclosure: security-issue-into-wallet-lock-protectionbybug_vs_me
Programme HackerOne Hiro Hiro Submitted by bug_vs_me bug_vs_me Report Security Issue into Wallet lock protection Full Report A considerable amount...
bug bounty
BugCrowd Bug Bounty Disclosure: – I found a text injection – By Orange_hacker
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: cross-origin-resource-sharing-misconfigurationbyparshwa_21
Programme HackerOne Acronis Acronis Submitted by parshwa_21 parshwa_21 Report Cross Origin Resource Sharing Misconfiguration Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: origin-ip-address-disclosure-through-pingora-response-headerbysmither
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by smither smither Report Origin IP address disclosure through...
HackerOne Bug Bounty Disclosure: missing-character-limitation-allows-to-put-generate-a-database-errorbyerror_2001
Programme HackerOne Nextcloud Nextcloud Submitted by error_2001 error_2001 Report Missing character limitation allows to put generate a database error Full...
HackerOne Bug Bounty Disclosure: passcode-bypass-on-talk-android-appbyctulhu
Programme HackerOne Nextcloud Nextcloud Submitted by ctulhu ctulhu Report Passcode bypass on Talk Android app Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: possibility-to-delete-files-attached-to-deck-cards-of-other-usersbysupr4s
Programme HackerOne Nextcloud Nextcloud Submitted by supr4s supr4s Report Possibility to delete files attached to deck cards of other users...
HackerOne Bug Bounty Disclosure: race-condition-in-joining-ctf-groupbyzeyu2001
Programme HackerOne HackerOne HackerOne Submitted by zeyu2001 zeyu2001 Report Race condition in joining CTF group Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: heic-image-preview-can-be-used-to-invoke-imagickbylukasreschkenc
Programme HackerOne Nextcloud Nextcloud Submitted by lukasreschkenc lukasreschkenc Report HEIC image preview can be used to invoke Imagick Full Report...
HackerOne Bug Bounty Disclosure: cve-2022-40127:-rce-in-apache-airflow-<2-4-0-bash-examplebyleixiao
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by leixiao leixiao Report CVE-2022-40127: RCE in Apache Airflow
HackerOne Bug Bounty Disclosure: csv-injection-at-https://assets-paris-demo-codefi-network/bydoosec101
Programme HackerOne Consensys Consensys Submitted by doosec101 doosec101 Report CSV Injection at https://assets-paris-demo.codefi.network/ Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: address-bar-spoofing-on-tor-browserbysoulhunter
Programme HackerOne Tor Tor Submitted by soulhunter soulhunter Report Address Bar Spoofing on TOR Browser Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: redos-(rails::html::permitscrubber-scrub_attribute)byooooooo_q
Programme HackerOne Ruby on Rails Ruby on Rails Submitted by ooooooo_q ooooooo_q Report ReDoS (Rails::Html::PermitScrubber.scrub_attribute) Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: no-password-length-limit-when-creating-a-user-as-an-administratorbyhackeronefour
Programme HackerOne Nextcloud Nextcloud Submitted by hackeronefour hackeronefour Report No password length limit when creating a user as an administrator...
HackerOne Bug Bounty Disclosure: disabled-download-shares-still-allow-download-through-preview-imagesbyjuliushaertl
Programme HackerOne Nextcloud Nextcloud Submitted by juliushaertl juliushaertl Report Disabled download shares still allow download through preview images Full Report...
HackerOne Bug Bounty Disclosure: guests-can-continue-to-receive-video-streams-from-call-after-being-removed-from-a-conversationbydaniel_calvino_sanchez
Programme HackerOne Nextcloud Nextcloud Submitted by daniel_calvino_sanchez daniel_calvino_sanchez Report Guests can continue to receive video streams from call after being...
HackerOne Bug Bounty Disclosure: dom-based-xss-on-parameter-?vsid=bydracoludio
Programme HackerOne JetBlue JetBlue Submitted by dracoludio dracoludio Report Dom-Based XSS on parameter ?vsid= Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: s3-bucket-takeover-[learn2-khanacademy-org]byfdeleite
Programme HackerOne Khan Academy Khan Academy Submitted by fdeleite fdeleite Report S3 bucket takeover Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: chained-open-redirects-and-use-of-ideographic-full-stop-defeat-twitter’s–approach-to-blocking-linksbyjub0bs
Programme HackerOne Twitter Twitter Submitted by jub0bs jub0bs Report Chained open redirects and use of Ideographic Full Stop defeat Twitter's...
HackerOne Bug Bounty Disclosure: smtp-command-injection-in-appointment-emails-via-newlinesbyspaceraccoon
Programme HackerOne Nextcloud Nextcloud Submitted by spaceraccoon spaceraccoon Report SMTP Command Injection in Appointment Emails via Newlines Full Report A...
HackerOne Bug Bounty Disclosure: cve-2022-43552:-http-proxy-deny-use-after-freebybagder
Programme HackerOne curl curl Submitted by bagder bagder Report CVE-2022-43552: HTTP Proxy deny use-after-free Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: account-takeover—improper-validation-of-jwt-signature-(with-regards–to-experiation-date-claim)bytwelvesix
Programme HackerOne Linktree Linktree Submitted by twelvesix twelvesix Report Account takeover - improper validation of jwt signature (with regards to...
HackerOne Bug Bounty Disclosure: nextcloudcmd-incorrectly-trusts-bad-tls-certificatesbytobiaskaminsky
Programme HackerOne Nextcloud Nextcloud Submitted by tobiaskaminsky tobiaskaminsky Report nextcloudcmd incorrectly trusts bad TLS certificates Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: exposure-of-admin-username-&-passwordbycoyemerald
Programme HackerOne MTN Group MTN Group Submitted by coyemerald coyemerald Report Exposure Of Admin Username & Password Full Report A...
