HackerOne Bug Bounty Disclosure: xmlrpc-php-file-enabled-at–orgbyiam_a_jinchuriki
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by iam_a_jinchuriki iam_a_jinchuriki Report xmlrpc.php file enabled at .org...
Bug Bounty
HackerOne Bug Bounty Disclosure: improper-access-control-on-media-wiki-allows-an-attackers-to-restart-installation-on-dod-assetbymiguel_santareno
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by miguel_santareno miguel_santareno Report Improper Access Control on Media...
HackerOne Bug Bounty Disclosure: haproxy-stats-panel-exposed-externallybyabhinavsecondary
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by abhinavsecondary abhinavsecondary Report HAProxy stats panel exposed externally...
HackerOne Bug Bounty Disclosure: client-side-authentication-leads-to-auth-bypassbyabhinavsecondary
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by abhinavsecondary abhinavsecondary Report Client side authentication leads to...
HackerOne Bug Bounty Disclosure: html-injection-via-insecure-parameter-[https://www-ubercarshare-com/]byzhero_
Programme HackerOne Uber Uber Submitted by zhero_ zhero_ Report HTML injection via insecure parameter Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: [data-07-uberinternal-com]-ssrf-in-portainer-app-lead-to-access-to-internal-docker-api-without-authbykxyry
Programme HackerOne Uber Uber Submitted by kxyry kxyry Report SSRF in Portainer app lead to access to Internal Docker API...
HackerOne Bug Bounty Disclosure: apache-http-server:-mod_proxy_uwsgi-http-response-splitting-(cve-2023-27522)bynyxsorcerer
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by nyxsorcerer nyxsorcerer Report Apache HTTP Server: mod_proxy_uwsgi HTTP response splitting...
HackerOne Bug Bounty Disclosure: dom-based-xss-via-insecure-parameter-on-[-https://uberpay-mock-psp-uber-com-]byzhero_
Programme HackerOne Uber Uber Submitted by zhero_ zhero_ Report DOM based XSS via insecure parameter on Full Report A...
HackerOne Bug Bounty Disclosure: [uchat-uberinternals-com]-mattermost-doesn’t-check-origin-in-websockets,-which-leads-to-the-critical-inforamation-leakage-bykxyry
Programme HackerOne Uber Uber Submitted by kxyry kxyry Report Mattermost doesn't check Origin in Websockets, which leads to the Critical...
HackerOne Bug Bounty Disclosure: [cpp]:-add-query-for-cwe-125-out-of-bounds-read-with-different-interpretation-of-the-string-when-use-mbtowcbyporcupineyhairs
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by porcupineyhairs porcupineyhairs Report : Add query for CWE-125 Out-of-bounds Read...
HackerOne Bug Bounty Disclosure: [python]-unsafe-unpacking-using-shutil-unpack_archive()-query-and-testsbysim4n6
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by sim4n6 sim4n6 Report Unsafe unpacking using shutil.unpack_archive() query and tests...
HackerOne Bug Bounty Disclosure: c/c++:-command-injection-via-wordexpbyihsinme
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by ihsinme ihsinme Report C/C++: Command injection via wordexp Full Report...
HackerOne Bug Bounty Disclosure: python-:-add-query-to-detect-pam-authorization-bypassbyporcupineyhairs
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by porcupineyhairs porcupineyhairs Report Python : Add query to detect PAM...
HackerOne Bug Bounty Disclosure: [python]-tarslip-vulnerability-improvementsbysim4n6
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by sim4n6 sim4n6 Report TarSlip vulnerability improvements Full Report A...
HackerOne Bug Bounty Disclosure: stealing-users-oauth-authorization-code-via-redirect_uribyhackit_bharat
Programme HackerOne pixiv pixiv Submitted by hackit_bharat hackit_bharat Report Stealing Users OAuth authorization code via redirect_uri Full Report A...
HackerOne Bug Bounty Disclosure: [go]:-add-beego-input-requestbody-source-to-beego-frameworkbygregxsunday
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by gregxsunday gregxsunday Report : Add Beego.Input.RequestBody source to Beego framework...
HackerOne Bug Bounty Disclosure: cpp:-pam-authorization-bypassbykuzu7shiki
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by kuzu7shiki kuzu7shiki Report CPP: Pam Authorization Bypass Full Report ...
HackerOne Bug Bounty Disclosure: [cpp]add-query-to-detect-bugs-like-cve-2017-5123by4b5f5f4b
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by 4b5f5f4b 4b5f5f4b Report Add query to detect bugs like CVE-2017-5123...
HackerOne Bug Bounty Disclosure: cve-2023-27537:-hsts-double-freebykurohiro
Programme HackerOne curl curl Submitted by kurohiro kurohiro Report CVE-2023-27537: HSTS double-free Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: potential-dos-vulnerability-in-django-in-multipart-parserbydas7pad
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by das7pad das7pad Report Potential DoS vulnerability in Django in multipart...
HackerOne Bug Bounty Disclosure: regular-expression-denial-of-service-in-headersbysno2
Programme HackerOne Node.js Node.js Submitted by sno2 sno2 Report Regular Expression Denial of Service in Headers Full Report A...
HackerOne Bug Bounty Disclosure: insecure-loading-of-icu-data-through-icu_data-environment-variablebybnoordhuis
Programme HackerOne Node.js Node.js Submitted by bnoordhuis bnoordhuis Report Insecure loading of ICU data through ICU_DATA environment variable Full Report...
HackerOne Bug Bounty Disclosure: permissions-policies-can-be-bypassed-via-process-mainmodulebygoums
Programme HackerOne Node.js Node.js Submitted by goums goums Report Permissions policies can be bypassed via process.mainModule Full Report A...
HackerOne Bug Bounty Disclosure: rce-vulnerability-in-apache-airflow-providers-apache-sqoop-3-1-0byleixiao
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by leixiao leixiao Report RCE vulnerability in apache-airflow-providers-apache-sqoop 3.1.0 Full Report...
