BugCrowd Bug Bounty Disclosure: – Increase Rank on Bugcrowd Platform. – By MuhammadKhizerJaved
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Bug Bounty
BugCrowd Bug Bounty Disclosure: – Subdomain Takeover on worldcup.starlink.com – By ibrahimnet
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: sensitive-information-disclosurebyashishmurugan
Programme HackerOne Trellix Trellix Submitted by ashishmurugan ashishmurugan Report Sensitive Information Disclosure Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: a-malicious-actor-could-rotate-tokens-of-a-victim,-given-that-he-knows-the-victim’s-token-idbyesx
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by esx esx Report A malicious actor could rotate...
HackerOne Bug Bounty Disclosure: possible-to-spoof-origin-in-“connected-sites”byrenniepak
Programme HackerOne MetaMask MetaMask Submitted by renniepak renniepak Report Possible to spoof Origin in "Connected Sites" Full Report A...
HackerOne Bug Bounty Disclosure: cloudflare-is-not-properly-deleting-user’s-accountbyali_hassan_khan
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by ali_hassan_khan ali_hassan_khan Report Cloudflare is not properly deleting...
HackerOne Bug Bounty Disclosure: adding-h1_analyst_*-to-username-for-normal-usersbyrefaat01
Programme HackerOne HackerOne HackerOne Submitted by refaat01 refaat01 Report adding h1_analyst_* to username for normal users Full Report A...
HackerOne Bug Bounty Disclosure: github-security-lab-(ghsl)-vulnerability-report:-sqlinjection-in-filecontentprovider-kt-(ghsl-2022-059)byatorralba
Programme HackerOne ownCloud ownCloud Submitted by atorralba atorralba Report GitHub Security Lab (GHSL) Vulnerability Report: SQLInjection in FileContentProvider.kt (GHSL-2022-059) Full...
HackerOne Bug Bounty Disclosure: ability-to-read-any-emails-through-idor-on-nextcloud-mailbyctulhu
Programme HackerOne Nextcloud Nextcloud Submitted by ctulhu ctulhu Report Ability to read any emails through IDOR on Nextcloud Mail Full...
HackerOne Bug Bounty Disclosure: remote-code-execution-on-owncloud-instances-with-imagemagick-installedbylukasreschke
Programme HackerOne ownCloud ownCloud Submitted by lukasreschke lukasreschke Report Remote Code Execution on ownCloud instances with ImageMagick installed Full Report...
HackerOne Bug Bounty Disclosure: can-delete-other-user’s-post-and-company-page-postbyanandpingsafe
Programme HackerOne LinkedIn LinkedIn Submitted by anandpingsafe anandpingsafe Report Can delete other user's post and company page post Full Report...
HackerOne Bug Bounty Disclosure: testing-flow-includes-a-deepsource-secretbytriplesided
Programme HackerOne Weblate Weblate Submitted by triplesided triplesided Report Testing flow includes a DeepSource secret Full Report A considerable...
HackerOne Bug Bounty Disclosure: sensitive-information-for-phpinfo-php-at-https://products-ean-com/byexploitmsf
Programme HackerOne Expedia Group Bug Bounty Expedia Group Bug Bounty Submitted by exploitmsf exploitmsf Report Sensitive information for phpinfo.php at...
HackerOne Bug Bounty Disclosure: idor-in-talentmap-api-can-be-abused-to-enumerate-personal-information-of-all-the-usersbynepalihacker0x01
Programme HackerOne U.S. Department of State U.S. Department of State Submitted by nepalihacker0x01 nepalihacker0x01 Report IDOR in TalentMAP API can...
BugCrowd Bug Bounty Disclosure: – Linux client – command injection – local privilege escalation – By mmmdspl
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: session-mismatch-leading-to-potential-account-takeover-(local-access-required)byostracize
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by ostracize ostracize Report Session mismatch leading to potential...
HackerOne Bug Bounty Disclosure: website-php-source-code-returned-in-javascriptbymdfarhanchowdhuryhasin
Programme HackerOne Nextcloud Nextcloud Submitted by mdfarhanchowdhuryhasin mdfarhanchowdhuryhasin Report Website PHP source code returned in javascript Full Report A...
HackerOne Bug Bounty Disclosure: ability-to-control-the-filename-when-uploading-a-logo-or-favicon-on-themingbyctulhu
Programme HackerOne Nextcloud Nextcloud Submitted by ctulhu ctulhu Report Ability to control the filename when uploading a logo or favicon...
HackerOne Bug Bounty Disclosure: full-passcode-bypass-on-nextcloud-app-iosbyctulhu
Programme HackerOne Nextcloud Nextcloud Submitted by ctulhu ctulhu Report Full Passcode bypass on Nextcloud App iOS Full Report A...
HackerOne Bug Bounty Disclosure: inadequate-encryption-strength-in-nodejs-current-reads-openssl-cnf-from-/home/iojs/build/—-upon-startup-on-macosbymhdawson_
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by mhdawson_ mhdawson_ Report Inadequate Encryption Strength in nodejs-current reads openssl.cnf...
HackerOne Bug Bounty Disclosure: http-request-smuggling-due-to-incorrect-parsing-of-header-fieldsbyvwx7
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by vwx7 vwx7 Report HTTP Request Smuggling Due to Incorrect Parsing...
HackerOne Bug Bounty Disclosure: use-of-cryptographically-weak-pseudo-random-number-generator-in-webcrypto-keygenbybn00rdhuis
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by bn00rdhuis bn00rdhuis Report Use of Cryptographically Weak Pseudo-Random Number Generator...
HackerOne Bug Bounty Disclosure: [shop-resmed-com]csrf-leads-to–unsubscribe-victim-from-communication-and–reward-membershipbypranav-pranayx01
Programme HackerOne ResMed ResMed Submitted by pranav-pranayx01 pranav-pranayx01 Report CSRF leads to Unsubscribe victim from Communication and Reward Membership Full...
BugCrowd Bug Bounty Disclosure: – Clickjacking with reflected xss and redirected to google – By Orange_hacker
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
