Bug Bounty

HackerOne Bug Bounty Disclosure: unauthenticated-access-to-internal-api-at-edu-htus-matrixsoftsec

July 19, 2024

Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:matrixsoftsecLink to Submitters Profile:https://hackerone.com/matrixsoftsec Report Title:Unauthenticated access to internal...

HackerOne Bug Bounty Disclosure: xxe-with-rce-potential-on-the-hxxps-cve-sp-d-rs

July 19, 2024

Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:sp1d3rsLink to Submitters Profile:https://hackerone.com/sp1d3rs Report Title:XXE with RCE potential...

HackerOne Bug Bounty Disclosure: unauthenticated-arbitrary-file-upload-on-the-hxxps-mil-sp-d-rs

July 19, 2024

HackerOne Bug Bounty Disclosure: authentication-bypass-and-potential-rce-on-the-hxxps-due-to-exposed-cisco-telepresence-sx-with-default-credentials-sp-d-rs

July 19, 2024

HackerOne Bug Bounty Disclosure: missing-access-control-allows-for-user-creation-and-privilege-escalation-bulldawg

July 19, 2024

Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:bulldawgLink to Submitters Profile:https://hackerone.com/bulldawg Report Title:Missing Access Control Allows...

HackerOne Bug Bounty Disclosure: email-takeover-leads-to-permanent-account-deletion-prakhar-x

July 19, 2024

Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:prakhar0x01Link to Submitters Profile:https://hackerone.com/prakhar0x01 Report Title:Email Takeover leads to...

HackerOne Bug Bounty Disclosure: restrict-any-user-from-login-to-their-account-prakhar-x

July 19, 2024

HackerOne Bug Bounty Disclosure: local-file-inclusion-in-download-php-tokyoenigma

July 19, 2024

Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:tokyoenigmaLink to Submitters Profile:https://hackerone.com/tokyoenigma Report Title:Local File Inclusion in...

HackerOne Bug Bounty Disclosure: endpoint-redirects-to-admin-page-and-provides-admin-role-bulldawg

July 19, 2024

HackerOne Bug Bounty Disclosure: xml-external-entity-xxe-injection-maskedpersian

July 19, 2024

Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:maskedpersianLink to Submitters Profile:https://hackerone.com/maskedpersian Report Title:XML External Entity (XXE)...

HackerOne Bug Bounty Disclosure: idor-modify-other-users-demographic-details-prakhar-x

July 19, 2024

HackerOne Bug Bounty Disclosure: idor-leads-to-view-other-user-biographical-details-possible-pii-leak-prakhar-x

July 19, 2024

HackerOne Bug Bounty Disclosure: automatic-admin-access-bulldawg

July 19, 2024

HackerOne Bug Bounty Disclosure: idor-leads-to-pii-leak-prakhar-x

July 19, 2024

HackerOne Bug Bounty Disclosure: authentication-bypass-on-hxxps-bulldawg

July 19, 2024

HackerOne Bug Bounty Disclosure: xss-in-ibm-infocenter-redyetihacks

July 17, 2024

Company Name: IBM Company HackerOne URL: https://hackerone.com/ibm Submitted By:redyetihacksLink to Submitters Profile:https://hackerone.com/redyetihacks Report Title:XSS in IBM InfoCenterReport Link:https://hackerone.com/reports/2343548Date Submitted:17 July...

HackerOne Bug Bounty Disclosure: permission-model-improperly-processes-unc-paths-tniessen

July 15, 2024

Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:tniessenLink to Submitters Profile:https://hackerone.com/tniessen Report Title:Permission model improperly processes UNC pathsReport Link:https://hackerone.com/reports/2079103Date...

HackerOne Bug Bounty Disclosure: important-apache-http-server-may-use-exploitable-malicious-backend-application-output-to-run-local-handlers-via-internal-redirect-cve-orange

July 13, 2024

HackerOne Bug Bounty Disclosure: important-apache-http-server-weakness-in-mod-rewrite-when-first-segment-of-substitution-matches-filesystem-path-cve-orange

July 13, 2024

HackerOne Bug Bounty Disclosure: important-apache-http-server-crash-resulting-in-denial-of-service-in-mod-proxy-via-a-malicious-request-cve-orange

July 13, 2024

HackerOne Bug Bounty Disclosure: important-apache-http-server-on-windows-unc-ssrf-cve-orange

July 13, 2024

Bug Bounty

HackerOne Bug Bounty Disclosure: unauthenticated-access-to-internal-api-at-edu-htus-matrixsoftsec

HackerOne Bug Bounty Disclosure: xxe-with-rce-potential-on-the-hxxps-cve-sp-d-rs

HackerOne Bug Bounty Disclosure: unauthenticated-arbitrary-file-upload-on-the-hxxps-mil-sp-d-rs

HackerOne Bug Bounty Disclosure: authentication-bypass-and-potential-rce-on-the-hxxps-due-to-exposed-cisco-telepresence-sx-with-default-credentials-sp-d-rs

HackerOne Bug Bounty Disclosure: missing-access-control-allows-for-user-creation-and-privilege-escalation-bulldawg

HackerOne Bug Bounty Disclosure: email-takeover-leads-to-permanent-account-deletion-prakhar-x

HackerOne Bug Bounty Disclosure: restrict-any-user-from-login-to-their-account-prakhar-x

HackerOne Bug Bounty Disclosure: local-file-inclusion-in-download-php-tokyoenigma

HackerOne Bug Bounty Disclosure: endpoint-redirects-to-admin-page-and-provides-admin-role-bulldawg

HackerOne Bug Bounty Disclosure: xml-external-entity-xxe-injection-maskedpersian

HackerOne Bug Bounty Disclosure: idor-modify-other-users-demographic-details-prakhar-x

HackerOne Bug Bounty Disclosure: idor-leads-to-view-other-user-biographical-details-possible-pii-leak-prakhar-x

HackerOne Bug Bounty Disclosure: automatic-admin-access-bulldawg

HackerOne Bug Bounty Disclosure: idor-leads-to-pii-leak-prakhar-x

HackerOne Bug Bounty Disclosure: authentication-bypass-on-hxxps-bulldawg

HackerOne Bug Bounty Disclosure: xss-in-ibm-infocenter-redyetihacks

HackerOne Bug Bounty Disclosure: permission-model-improperly-processes-unc-paths-tniessen

HackerOne Bug Bounty Disclosure: moderate-apache-http-server-http-response-splitting-cve-orange

HackerOne Bug Bounty Disclosure: account-takeover-via-authentication-bypass-in-tiktok-account-recovery-xtt-k

HackerOne Bug Bounty Disclosure: moderate-apache-http-server-proxy-encoding-problem-cve-orange

HackerOne Bug Bounty Disclosure: important-apache-http-server-may-use-exploitable-malicious-backend-application-output-to-run-local-handlers-via-internal-redirect-cve-orange

HackerOne Bug Bounty Disclosure: important-apache-http-server-weakness-in-mod-rewrite-when-first-segment-of-substitution-matches-filesystem-path-cve-orange

HackerOne Bug Bounty Disclosure: important-apache-http-server-crash-resulting-in-denial-of-service-in-mod-proxy-via-a-malicious-request-cve-orange

HackerOne Bug Bounty Disclosure: important-apache-http-server-on-windows-unc-ssrf-cve-orange

HackerOne Bug Bounty Disclosure: disclosure-of-the-valid-cognizant-credentials-at-the-postman-collection-hellicopter

HackerOne Bug Bounty Disclosure: privilege-escalation-a-non-owner-user-who-does-not-have-access-to-the-user-management-can-invite-other-users-to-the-restaurant-page-vijaysimha-reddy

HackerOne Bug Bounty Disclosure: registration-information-leakage-titanrain

HackerOne Bug Bounty Disclosure: unauthorized-reservation-cancellation-through-idor-vulnerability-no-need

[PLAY] – Ransomware Victim: Marshall & Bruce Printing

You may have missed