BugCrowd Bug Bounty Disclosure: P1 – Local file read (CVE2020-3452 in CISCO ASA) – By _Sparrow
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Month: April 2022
BugCrowd Bug Bounty Disclosure: P5 – Critical information disclosure at https://www.doi.gov/ – By tejaspawar172000
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P3 – Stored XSS [doi.gov/iacb/indian-arts-and-crafts-board-potential-violation-report ] – By Xml_
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P1 – Log4Shell (CVE-2021-44228) – By aminei
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P4 – #2 BLIND XSS ON CONTACT PAGE .doi.gov/contact-us – By Msjsoi323_
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P5 – Information Disclosure via url tampering – By murderfalcon
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P4 – Xss on – employers.indeed.com – By ig420_vrush
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P3 – postMessage XSS in Tesla Payment page – By TheTime
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P5 – Broken Access Control Issue. – By jeetbhdr
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P1 – RCE in Bitbucket DataCenter via HazelCastPort – By SnowyOwl
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P3 – Able to change other publishers’ payment details – By AlWaYsHuNt
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P2 – Privilege Escalation of Publisher Account due to IDOR – By AlWaYsHuNt
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P3 – Subdomain Takeover for rtncf-rci.ral.r4.fws.gov – By thelicato
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P4 – html injection in [https://edoiu.doi.gov/login/signup.php] – By CryptoKnight028
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P5 – Lack of Security Headers – By F_Robot
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P1 – HTTP Desync Attack (Request Smuggling) – Mass Session Hijacking – By AnkitSingh
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P5 – Information exposure through Directory Listing – By jaibalaji
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P5 – CSRF Leads to Logout any Loggedin user from their session – By DeadSniper
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P5 – Clickjack Bug in Website – By ethicalpanther
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
LockBit 2.0 Ransomware Victim: multimmobiliare[.]ch
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
LockBit 2.0 Ransomware Victim: schriesheim[.]de
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
A week in security (April 18 – 24)
Last week on Malwarebytes Labs: Why you shouldn’t automate your VirusTotal uploadsNorth Korean Lazarus APT group targets blockchain tech companiesWatch out...
Conti Ransomware Victim: https-website
continews NOTE: The information on this page is automated and scraped directly from the Conti .onion Dark Web Tor Blog...
Oracle Critical Patch Update Advisory – April 2022-CVE-2022-21449
NAME Oracle - Multiple Platforms Affected:MultipleRisk Level:mediumCVE Type:Unspecified DESCRIPTION CVE-2022-21449 is an unspecified vulnerability impacting multiple versions of Oracle Java...
