BugCrowd Bug Bounty Disclosure: – Reflected XSS – By Faique
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Bug Bounty
BugCrowd Bug Bounty Disclosure: – Vulnerable to Log4j – By Ractiurd
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Failed to validate Session after Password Change. – By cyber_ritik
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Information Disclosure of sensitive data CVE-2017-5487 – By technoking
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: string-length-restriction-byepass-at-https://callerfeel-mtnonline-com/profile/feedback-htmlbyaliyugombe
Programme HackerOne MTN Group MTN Group Submitted by aliyugombe aliyugombe Report String length restriction byepass at https://callerfeel.mtnonline.com/profile/feedback.html Full Report A...
HackerOne Bug Bounty Disclosure: idor-payments-statusbycodeslayer137
Programme HackerOne Omise Omise Submitted by codeslayer137 codeslayer137 Report IDOR Payments Status Full Report A considerable amount of time and...
HackerOne Bug Bounty Disclosure: api-key-(api-semrush-com)-leak-in-js-filebya_d_a_m
Programme HackerOne Semrush Semrush Submitted by a_d_a_m a_d_a_m Report API key (api.semrush.com) leak in JS-file Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: idor-leads-to-account-takeover-without-user-interactionbytheranger
Programme HackerOne MTN Group MTN Group Submitted by theranger theranger Report IDOR Leads To Account Takeover Without User Interaction Full...
HackerOne Bug Bounty Disclosure: password-disclosure-in-initial-setup-of-mail-appbyanna_larch
Programme HackerOne Nextcloud Nextcloud Submitted by anna_larch anna_larch Report Password disclosure in initial setup of Mail App Full Report A...
HackerOne Bug Bounty Disclosure: path-traversal-vulnerability-in-grafana-8-x-allows-“-local-file-read-“bya-heybati
Programme HackerOne MTN Group MTN Group Submitted by a-heybati a-heybati Report path traversal vulnerability in Grafana 8.x allows " local...
HackerOne Bug Bounty Disclosure: weak/auto-fill-passwordbyharrisoft
Programme HackerOne MTN Group MTN Group Submitted by harrisoft harrisoft Report Weak/Auto Fill Password Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: unauthenticated-ssrf-in-3rd-party-module-“cerdic/csstidy”byeg42
Programme HackerOne Nextcloud Nextcloud Submitted by eg42 eg42 Report Unauthenticated SSRF in 3rd party module "cerdic/csstidy" Full Report A considerable...
HackerOne Bug Bounty Disclosure: federated-share-accepting/declining-is-not-logged-in-audit-logbyrtod
Programme HackerOne Nextcloud Nextcloud Submitted by rtod rtod Report Federated share accepting/declining is not logged in audit log Full Report...
HackerOne Bug Bounty Disclosure: brute-force-protections-don’t-workbynickvergessen
Programme HackerOne Nextcloud Nextcloud Submitted by nickvergessen nickvergessen Report Brute force protections don't work Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: wordpress-users-disclosure-from-json-and-xml-filebydrak3hft7
Programme HackerOne MTN Group MTN Group Submitted by drak3hft7 drak3hft7 Report Wordpress users disclosure from json and xml file Full...
HackerOne Bug Bounty Disclosure: any-expired-reset-password-link-can-still-be-used-to-reset-the-passwordbymrccrqr
Programme HackerOne Acronis Acronis Submitted by mrccrqr mrccrqr Report Any expired reset password link can still be used to reset...
HackerOne Bug Bounty Disclosure: api-key-reported-in-#1465145-not-rotated-and-thus-is-still-valid-and-can-be-used-by-anyonebyaneeeketh
Programme HackerOne Adobe Adobe Submitted by aneeeketh aneeeketh Report API Key reported in #1465145 not rotated and thus is still...
BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: blind-ssrf-on-platform-dash-cloudflare-com-due-to-sentry-misconfigurationbylohigowda
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by lohigowda lohigowda Report Blind SSRF on platform.dash.cloudflare.com Due...
HackerOne Bug Bounty Disclosure: cve-2022-35252:-control-code-in-cookie-denial-of-servicebyhaxatron1
Programme HackerOne curl curl Submitted by haxatron1 haxatron1 Report CVE-2022-35252: control code in cookie denial of service Full Report A...
HackerOne Bug Bounty Disclosure: enable-2fa-verification-without-verifying-email-leads-account-takeoverbymotu-vai
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by motu-vai motu-vai Report Enable 2Fa verification without verifying...
BugCrowd Bug Bounty Disclosure: – Html injection in Send email to recipient – By rynexx
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: unauthorized-accessbymega7
Programme HackerOne GitLab GitLab Submitted by mega7 mega7 Report Unauthorized access Full Report A considerable amount of time and effort...
HackerOne Bug Bounty Disclosure: non-revoked-api-key-information-disclosure-via-stripo_report()bydeb0con
Programme HackerOne Stripo Inc Stripo Inc Submitted by deb0con deb0con Report Non-revoked API Key Information disclosure via Stripo_report() Full Report...
