Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:valetteLink to Submitters Profile:https://hackerone.com/valette Report Title:setuid() does not drop all privileges due...
Company Name: Doppler Company HackerOne URL: https://hackerone.com/doppler Submitted By:w3shiLink to Submitters Profile:https://hackerone.com/w3shi Report Title:Github app(link) Takeover Listed on "hXXps://docsdopplercom/docs/github-actions" pageReport...
Company Name: Publitas Company HackerOne URL: https://hackerone.com/publitas Submitted By:giwadaoudLink to Submitters Profile:https://hackerone.com/giwadaoud Report Title:Unauthorized Access to Offline Publication Cover Pages...
Company Name: Mozilla Critical Services Company HackerOne URL: https://hackerone.com/mozilla_critical_services Submitted By:psycho_012Link to Submitters Profile:https://hackerone.com/psycho_012 Report Title:Insecure S3 Bucket Exposing Git...
Company Name: SideFX Company HackerOne URL: https://hackerone.com/sidefx Submitted By:0xchoudharyLink to Submitters Profile:https://hackerone.com/0xchoudhary Report Title:Session Doesn't expire after 2fa and also...
Company Name: Automattic Company HackerOne URL: https://hackerone.com/automattic Submitted By:renniepakLink to Submitters Profile:https://hackerone.com/renniepak Report Title:DOM XSS on multiple Automattic domains through...
Company Name: LinkedIn Company HackerOne URL: https://hackerone.com/linkedin Submitted By:mv0x01Link to Submitters Profile:https://hackerone.com/mv0x01 Report Title:Employee-only Area BypassReport Link:https://hackerone.com/reports/2299571Date Submitted:19 February 2024...
Company Name: inDrive Company HackerOne URL: https://hackerone.com/indrive Submitted By:bugsv2Link to Submitters Profile:https://hackerone.com/bugsv2 Report Title:# Drivers can access the customers phone...
Company Name: inDrive Company HackerOne URL: https://hackerone.com/indrive Submitted By:bugsv2Link to Submitters Profile:https://hackerone.com/bugsv2 Report Title:Disclosure of users' ip address whenever they...
Company Name: Mars Company HackerOne URL: https://hackerone.com/mars Submitted By:xplo1tLink to Submitters Profile:https://hackerone.com/xplo1t Report Title:Unrestricted File Upload at Report Link:https://hackerone.com/reports/2357778Date Submitted:19...
Company Name: Nextcloud Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:mikaelgundersenLink to Submitters Profile:https://hackerone.com/mikaelgundersen Report Title:OAuth2 "authorization_code" is valid indefinetlyReport Link:https://hackerone.com/reports/1784162Date Submitted:17...
Company Name: Nextcloud Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:nickvergessenLink to Submitters Profile:https://hackerone.com/nickvergessen Report Title:Can download files by zipping the folderReport...
Company Name: LocalTapiola Company HackerOne URL: https://hackerone.com/localtapiola Submitted By:shewhoisdeathLink to Submitters Profile:https://hackerone.com/shewhoisdeath Report Title:Secure Client-Initiated RenegotiationReport Link:https://hackerone.com/reports/300817Date Submitted:16 February 2024...
Company Name: Stripo Inc Company HackerOne URL: https://hackerone.com/stripo Submitted By:deb0conLink to Submitters Profile:https://hackerone.com/deb0con Report Title: mystripoemail via the setup-wizard parameterReport...
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:xionLink to Submitters Profile:https://hackerone.com/xion Report Title:Multiple permission model bypasses due to improper...
Company Name: Stripo Inc Company HackerOne URL: https://hackerone.com/stripo Submitted By:sankalpa_1337Link to Submitters Profile:https://hackerone.com/sankalpa_1337 Report Title:Non-revoked API Key Disclosure in a...
Company Name: Stripo Inc Company HackerOne URL: https://hackerone.com/stripo Submitted By:deb0conLink to Submitters Profile:https://hackerone.com/deb0con Report Title:stripoemail] HTTP request SmugglingReport Link:https://hackerone.com/reports/1631228Date Submitted:15...
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:bartLink to Submitters Profile:https://hackerone.com/bart Report Title:hXXp: Reading unprocessed HTTP request with unbounded...
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:hkarioLink to Submitters Profile:https://hackerone.com/hkario Report Title:Nodejs is vulnerable to the Marvin Attack...
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:tniessenLink to Submitters Profile:https://hackerone.com/tniessen Report Title:Code injection and privilege escalation through Linux...
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:tniessenLink to Submitters Profile:https://hackerone.com/tniessen Report Title:Improper handling of wildcards in --allow-fs-read and...
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:tniessenLink to Submitters Profile:https://hackerone.com/tniessen Report Title:Path traversal by monkey-patching Buffer internalsReport Link:https://hackerone.com/reports/2218653Date...
Company Name: Mars Company HackerOne URL: https://hackerone.com/mars Submitted By:stuuxLink to Submitters Profile:https://hackerone.com/stuux Report Title:Blind SQL Injection on via URI PathReport...
Company Name: Mars Company HackerOne URL: https://hackerone.com/mars Submitted By:haoshokunooLink to Submitters Profile:https://hackerone.com/haoshokunoo Report Title:IDOR in one subdomain of -> change...
