Programme HackerOne Acronis Acronis Submitted by rhinestonecowboy rhinestonecowboy Report nps.acronis.com is vulnerable to the recent log4shell 0-day Full Report A...
Programme HackerOne GitLab GitLab Submitted by xanbanx xanbanx Report Stored XSS for Grafana dashboard URL Full Report A considerable amount...
Programme HackerOne Shopify Shopify Submitted by codermak codermak Report Github base action takeover which is used in `github.com/Shopify/unity-buy-sdk` Full Report...
Programme HackerOne GitLab GitLab Submitted by sateeshn sateeshn Report Able to view hackerone reports attachments Full Report A considerable amount...
Programme HackerOne Glovo Glovo Submitted by battle_angel battle_angel Report Server Side Template Injection on Name parameter during Sign Up process...
Programme HackerOne Stripe Stripe Submitted by beerboy_ankit beerboy_ankit Report Mass Account Takeover at https://app.taxjar.com/ - No user Interaction Full Report...
Programme HackerOne Glovo Glovo Submitted by cmuppin cmuppin Report Getting a free delivery by singing up from "[email protected]" Full Report...
Programme HackerOne Radancy Radancy Submitted by dk4trin dk4trin Report Blind SSRF at packagist.maximum.nl Full Report A considerable amount of time...
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by tdp3kel9g tdp3kel9g Report Read beyond bounds in mod_isapi.c Full Report...
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by tdp3kel9g tdp3kel9g Report Controllable read beyond bounds in lua_websocket_readbytes() Full...
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by tdp3kel9g tdp3kel9g Report Read beyond bounds in ap_strcmp_match() Full Report...
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by tdp3kel9g tdp3kel9g Report Read beyond bounds via ap_rwrite() Full Report...
Programme HackerOne Glovo Glovo Submitted by mehdisadir mehdisadir Report Exposed valid AWS, Mysql, Sendgrid and other secrets Full Report A...
Programme HackerOne Hyperledger Hyperledger Submitted by fatal0 fatal0 Report Remote denial of service in HyperLedger Fabric Full Report A considerable...
Programme HackerOne SKALE Network SKALE Network Submitted by voiddy voiddy Report Stack Buffer Overflow via `gmp_sprintf`in `BLSSignature` and `BLSSigShare` Full...
Programme HackerOne New Relic New Relic Submitted by sairanga sairanga Report Reflected Cross site Scripting (XSS) on https://one.newrelic.com Full Report...
Programme HackerOne GitLab GitLab Submitted by ledz1996 ledz1996 Report Exposure of a valid Gitlab-Workhorse JWT leading to various bad things...
Programme HackerOne UPS VDP UPS VDP Submitted by 3amoura 3amoura Report Reflected XSS on https://wwwapps.ups.com/ctc/request?loc= Full Report A considerable amount...
Programme HackerOne Nextcloud Nextcloud Submitted by spaceraccoon spaceraccoon Report SMTP Command Injection in iCalendar Attachments to Emails via Newlines Full...
Programme HackerOne Reddit Reddit Submitted by zqyzoid zqyzoid Report Moderators can send messages to users from banned subreddits via `oauth.reddit.com/api/mod/conversations`...
Programme HackerOne Nextcloud Nextcloud Submitted by rtod rtod Report Federated editing allows iframing possibly malicious remotes Full Report A considerable...
Programme HackerOne TikTok TikTok Submitted by aidilarf_2000 aidilarf_2000 Report XSS Payload on TikTok Seller Center endpoint Full Report A considerable...
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by bombon bombon Report Bypassing Cache Deception Armor using...
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by mattipv4 mattipv4 Report Sign in with Apple works...
