Bug Bounty

hackerone

HackerOne Bug Bounty Disclosure: disclosing-policypageassetgroup-in-private-programs-via-graphql-gid-hackerone-policypageassetgroupsindex-policypageassetgroup-id-haxta-ok

January 21, 2025

Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:haxta4ok00Link to Submitters Profile:https://hackerone.com/haxta4ok00 Report Title:Disclosing PolicyPageAssetGroup in Private Programs via /graphql...

Read MoreRead more about HackerOne Bug Bounty Disclosure: disclosing-policypageassetgroup-in-private-programs-via-graphql-gid-hackerone-policypageassetgroupsindex-policypageassetgroup-id-haxta-ok
hackerone

HackerOne Bug Bounty Disclosure: object-level-access-control-leads-to-reading-user-s-full-requests-sessions-and-error-messages-mester-x

January 18, 2025

Company Name: Yelp Company HackerOne URL: https://hackerone.com/yelp Submitted By:mester_xLink to Submitters Profile:https://hackerone.com/mester_x Report Title:Object Level access control leads to reading...

Read MoreRead more about HackerOne Bug Bounty Disclosure: object-level-access-control-leads-to-reading-user-s-full-requests-sessions-and-error-messages-mester-x
hackerone

HackerOne Bug Bounty Disclosure: waf-bypass-and-java-script-incomplete-handling-of-unicode-characters-might-leads-to-dom-xss-clubbable

January 13, 2025

Company Name: Doppler Company HackerOne URL: https://hackerone.com/doppler Submitted By:clubbableLink to Submitters Profile:https://hackerone.com/clubbable Report Title:WAF bypass and java script incomplete handling...

Read MoreRead more about HackerOne Bug Bounty Disclosure: waf-bypass-and-java-script-incomplete-handling-of-unicode-characters-might-leads-to-dom-xss-clubbable
hackerone

HackerOne Bug Bounty Disclosure: unauthenticated-path-traversal-and-command-injection-in-trellix-enterprise-security-manager-r-v

January 12, 2025

Company Name: Trellix Company HackerOne URL: https://hackerone.com/trellix Submitted By:r4vLink to Submitters Profile:https://hackerone.com/r4v Report Title:Unauthenticated Path Traversal and Command Injection in...

Read MoreRead more about HackerOne Bug Bounty Disclosure: unauthenticated-path-traversal-and-command-injection-in-trellix-enterprise-security-manager-r-v
hackerone

HackerOne Bug Bounty Disclosure: -oem-acronis-com-reflected-cross-site-scripting-darkdream

December 28, 2024

Company Name: Acronis Company HackerOne URL: https://hackerone.com/acronis Submitted By:darkdreamLink to Submitters Profile:https://hackerone.com/darkdream Report Title:acroniscom] Reflected Cross Site Scripting Report Link:https://hackerone.com/reports/2038943Date...

Read MoreRead more about HackerOne Bug Bounty Disclosure: -oem-acronis-com-reflected-cross-site-scripting-darkdream
hackerone

HackerOne Bug Bounty Disclosure: a-potential-risk-in-the-aws-lambda-ecs-run-task-which-can-be-used-to-privilege-escalation-zolaer

December 27, 2024

Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:zolaer9527Link to Submitters Profile:https://hackerone.com/zolaer9527 Report Title:A potential risk in the aws-lambda-ecs-run-task...

Read MoreRead more about HackerOne Bug Bounty Disclosure: a-potential-risk-in-the-aws-lambda-ecs-run-task-which-can-be-used-to-privilege-escalation-zolaer
hackerone

HackerOne Bug Bounty Disclosure: hackers-attack-curl-vulnerability-accessing-sensitive-information-scottarterbury

December 27, 2024

Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:scottarterburyLink to Submitters Profile:https://hackerone.com/scottarterbury Report Title:Hackers Attack Curl Vulnerability Accessing Sensitive InformationReport...

Read MoreRead more about HackerOne Bug Bounty Disclosure: hackers-attack-curl-vulnerability-accessing-sensitive-information-scottarterbury
hackerone

HackerOne Bug Bounty Disclosure: access-to-limited-confidential-information-of-private-program-as-a-ex-reporter-report-participant-external-user-ex-staff-member-sarthakbhingare

December 24, 2024

Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:sarthakbhingare015Link to Submitters Profile:https://hackerone.com/sarthakbhingare015 Report Title:Access to limited confidential information of private...

Read MoreRead more about HackerOne Bug Bounty Disclosure: access-to-limited-confidential-information-of-private-program-as-a-ex-reporter-report-participant-external-user-ex-staff-member-sarthakbhingare
hackerone

HackerOne Bug Bounty Disclosure: bypass-upgrade-to-add-project-restriction-in-free-account-to-create-multiple-projects-without-upgrading-mrm-nk

December 20, 2024

Company Name: Basecamp Company HackerOne URL: https://hackerone.com/basecamp Submitted By:mrm0nkLink to Submitters Profile:https://hackerone.com/mrm0nk Report Title:Bypass "Upgrade To Add Project" Restriction in...

Read MoreRead more about HackerOne Bug Bounty Disclosure: bypass-upgrade-to-add-project-restriction-in-free-account-to-create-multiple-projects-without-upgrading-mrm-nk

You may have missed

image

[RALORD] – Ransomware Victim: ​​​​agromate company

April 22, 2025
hkcert

Microsoft Monthly Security Update (March 2025)

April 22, 2025
hkcert

F5 Products Denial of Service Vulnerability

April 22, 2025
hkcert

SonicWall Products Remote Code Execution Vulnerability

April 22, 2025
hkcert

Apple Products Multiple Vulnerabilities

April 22, 2025