HackerOne Bug Bounty Disclosure: [user_oidc]-unencrypted-communicationsbylauritz
Programme HackerOne Nextcloud Nextcloud Submitted by lauritz lauritz Report Unencrypted Communications Full Report A considerable amount of time and effort...
Bug Bounty
HackerOne Bug Bounty Disclosure: email-verification-bypass-allows-users-to-add-&-verify-any-email–as-guardians-emailbyshuvam321
Programme HackerOne Khan Academy Khan Academy Submitted by shuvam321 shuvam321 Report Email Verification Bypass Allows Users to Add & verify...
HackerOne Bug Bounty Disclosure: akismet-api-keys-are-exposed-by-authentication-methodbyaaroncarson
Programme HackerOne Automattic Automattic Submitted by aaroncarson aaroncarson Report Akismet API keys are exposed by authentication method Full Report A...
HackerOne Bug Bounty Disclosure: firebase-credentials-leakbyjimmisimon
Programme HackerOne MTN Group MTN Group Submitted by jimmisimon jimmisimon Report Firebase credentials leak Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: [mk8dx]-improper-verification-of-competition-creation-allows-to-create-“official”-competitionsbyrambo6glaz
Programme HackerOne Nintendo Nintendo Submitted by rambo6glaz rambo6glaz Report Improper verification of Competition creation allows to create "Official" competitions Full...
BugCrowd Bug Bounty Disclosure: – Authorized drivers can disable remote monitoring – By KLWTTS
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: electron-cve-2022-35954-delimiter-injection-vulnerability-in-exportvariablebytheinternetofdefcon_
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by theinternetofdefcon_ theinternetofdefcon_ Report Electron CVE-2022-35954 Delimiter Injection Vulnerability in exportVariable...
HackerOne Bug Bounty Disclosure: dos-via-markdown-api-from-unauthenticated-userbylegit-security
Programme HackerOne GitHub GitHub Submitted by legit-security legit-security Report DoS via markdown API from unauthenticated user Full Report A considerable...
HackerOne Bug Bounty Disclosure: link-shortener-bypass-(regression-on-fix-for-#1032610)byjub0bs
Programme HackerOne Twitter Twitter Submitted by jub0bs jub0bs Report Link-shortener bypass (regression on fix for #1032610) Full Report A considerable...
HackerOne Bug Bounty Disclosure: cd=false-(dnssec)-not-respected-in-dns-over-https-json-requestsbymattipv4
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by mattipv4 mattipv4 Report cd=false (DNSSEC) not respected in...
HackerOne Bug Bounty Disclosure: unauthorized-access-to-resumes-stored-on-linkedinbyheadhunter
Programme HackerOne LinkedIn LinkedIn Submitted by headhunter headhunter Report Unauthorized access to resumes stored on LinkedIn Full Report A considerable...
BugCrowd Bug Bounty Disclosure: – Reflected Cross Site Scripting (XSS) on https://gamemaker.io/account/dashboard – By abitsec
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: xss-in-linktr-ee—on-link-thumbnail-addingbyjagata
Programme HackerOne Linktree Linktree Submitted by jagata jagata Report XSS in linktr.ee - on link thumbnail adding Full Report A...
HackerOne Bug Bounty Disclosure: unprotected-atlantis-server-at-https://152-70–byshuvam321
Programme HackerOne 8x8 8x8 Submitted by shuvam321 shuvam321 Report Unprotected Atlantis Server at https://152.70.. Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: idor-in-stats-api-endpoint-allows-viewing-equity-or-net-profit-of-any-mt-accountbyashwarya
Programme HackerOne EXNESS EXNESS Submitted by ashwarya ashwarya Report IDOR in Stats API Endpoint Allows Viewing Equity or Net Profit...
BugCrowd Bug Bounty Disclosure: – HTML Injection > licensing.fcc.gov – By Naplon
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: authentication-bypass-in-https://nin-mtn-ngbyroland_hack
Programme HackerOne MTN Group MTN Group Submitted by roland_hack roland_hack Report Authentication bypass in https://nin.mtn.ng Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: calendar-name-length-not-validated-before-writing-to-databasebyerrorx404
Programme HackerOne Nextcloud Nextcloud Submitted by errorx404 errorx404 Report Calendar name length not validated before writing to database Full Report...
HackerOne Bug Bounty Disclosure: firebase-database-takeover-in-https://pulseradio-mtn-co-ug/byshuvam321
Programme HackerOne MTN Group MTN Group Submitted by shuvam321 shuvam321 Report Firebase Database Takeover in https://pulseradio.mtn.co.ug/ Full Report A considerable...
HackerOne Bug Bounty Disclosure: double-evaluation-in–bash_prompt-of-dotfiles-allows-a-malicious-repository-to-execute-arbitrary-commandsbyryotak
Programme HackerOne Ian Dunn Ian Dunn Submitted by ryotak ryotak Report Double evaluation in .bash_prompt of dotfiles allows a malicious...
HackerOne Bug Bounty Disclosure: cve-2022-45402:-apache-airflow:-open-redirect-during-loginbybugra
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by bugra bugra Report CVE-2022-45402: Apache Airflow: Open redirect during login...
HackerOne Bug Bounty Disclosure: remove-every-user,-admin,-and-owner-out-of-their-teams-on-developers-mtn-com-via-idor-+-information-disclosurebywallotry
Programme HackerOne MTN Group MTN Group Submitted by wallotry wallotry Report Remove Every User, Admin, And Owner Out Of Their...
HackerOne Bug Bounty Disclosure: unprotected-direct-object-referencebycoyemerald
Programme HackerOne MTN Group MTN Group Submitted by coyemerald coyemerald Report Unprotected Direct Object Reference Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: if-the-website-does-not-impose-additional-defense-against-csrf-attacks,-failing-to-use-the-‘lax’-or-‘strict’-values-could-increase-the-risk-of-exposurbyshubhangirathore836
Programme HackerOne Yelp Yelp Submitted by shubhangirathore836 shubhangirathore836 Report If the website does not impose additional defense against CSRF attacks,...
