The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Programme HackerOne Nextcloud Nextcloud Submitted by dashingjaved dashingjaved Report com.nextcloud.client bypass the protection lock in andoid app v 3.18.1 latest...
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by exploitmsf exploitmsf Report lfi in filePathDownload parameter via...
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by monnerat monnerat Report OAUTH2 bearer not-checked for connection re-use Full...
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by fdeleite fdeleite Report Reflected XSS Full Report
Programme HackerOne curl curl Submitted by monnerat monnerat Report CVE-2022-22576: OAUTH2 bearer bypass in connection re-use Full Report
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by fdeleite fdeleite Report Reflected XSS Full Report
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by null_bytes null_bytes Report vulnerable to CVE-2022-22954 Full Report
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by mido0x0x mido0x0x Report Blind SQL Injection Full Report
Programme HackerOne Mattermost Mattermost Submitted by thesecuritydev thesecuritydev Report DoS via large console messages Full Report
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by mido0x0x mido0x0x Report SQL INJECTION in https:/// Full...
Programme HackerOne Nextcloud Nextcloud Submitted by igorpyan igorpyan Report Possibility to force an admin to install recommended applications Full Report
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by njmulsqb njmulsqb Report Sensitive data exposure via /secure/QueryComponent!Default.jspa...
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by fdeleite fdeleite Report SSRF due to CVE-2021-27905 in...
Programme HackerOne 8x8 8x8 Submitted by bx_1 bx_1 Report subdomain takeover (abandoned Zendesk .easycontactnow.com) Full Report
Programme HackerOne GitLab GitLab Submitted by ec0 ec0 Report Container escape on public GitLab CI runners Full Report
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-27775: Bad local IPv6 connection reuse Full Report
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-27776: Auth/cookie leak on redirect Full Report
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-27774: Credential leak on redirect Full Report
Programme HackerOne Basecamp Basecamp Submitted by ian ian Report RCE via exposed JMX server on jabber.37signals.com/jabber.basecamp.com Full Report
Programme HackerOne Judge.me Judge.me Submitted by glister glister Report Stored XSS in "product type" field executed via product filters Full...
Programme HackerOne Krisp Krisp Submitted by sammam sammam Report Force User to Accept Attacker's invite Full Report
Programme HackerOne Shopify Shopify Submitted by danishalkatiri danishalkatiri Report Xss triggered in Your-store.myshopify.com/myshopify.com/admin/apps/shopify-email/editor/**** Full Report
