Programme HackerOne Acronis Acronis Submitted by second_grade_pentester second_grade_pentester Report unauth mosquitto ( client emails, ips, license keys exposure ) Full...
Programme HackerOne OneWeb OneWeb Submitted by thewikiii thewikiii Report Cross-site scripting (DOM-based) Full Report A considerable amount of time and...
Programme HackerOne 8x8 8x8 Submitted by mr_k0anti mr_k0anti Report Public Apache Tomcat /examples example directory Full Report A considerable amount...
Programme HackerOne Shopify Shopify Submitted by hydraxanon82 hydraxanon82 Report Information disclosure ( Google Sales Channel ) Full Report A considerable...
Programme HackerOne Reddit Reddit Submitted by sateeshn sateeshn Report Can use the Reddit android app as usual even though revoking...
Programme HackerOne MTN Group MTN Group Submitted by shuvam321 shuvam321 Report POST BASED REFLECTED XSS IN dailydeals.mtn.co.za Full Report A...
Programme HackerOne Shopify Shopify Submitted by inhibitor181 inhibitor181 Report shopApps query from the graphql at /users/api returns all existing created...
Programme HackerOne LinkedIn LinkedIn Submitted by raajeevrathnam raajeevrathnam Report Add me email address Authentication bypass Full Report A considerable amount...
Programme HackerOne Shopify Shopify Submitted by comwrg comwrg Report One Click XSS in Full Report A considerable amount of time...
Programme HackerOne Acronis Acronis Submitted by rhinestonecowboy rhinestonecowboy Report nps.acronis.com is vulnerable to the recent log4shell 0-day Full Report A...
Programme HackerOne GitLab GitLab Submitted by xanbanx xanbanx Report Stored XSS for Grafana dashboard URL Full Report A considerable amount...
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by ooooooo_q ooooooo_q Report rubygems.org Batching attack to `confirmation_token` by bypass...
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by pimterry pimterry Report Undici ProxyAgent vulnerable to MITM Full Report...
Programme HackerOne Acronis Acronis Submitted by savik savik Report CVE-2021-40438 on cp-eu2.acronis.com Full Report A considerable amount of time and...
Programme HackerOne Node.js Node.js Submitted by pimterry pimterry Report Undici does not use CONNECT or otherwise validate upstream HTTPS certificates...
Programme HackerOne Shopify Shopify Submitted by codermak codermak Report Github base action takeover which is used in `github.com/Shopify/unity-buy-sdk` Full Report...
Programme HackerOne GitLab GitLab Submitted by sateeshn sateeshn Report Able to view hackerone reports attachments Full Report A considerable amount...
Programme HackerOne Glovo Glovo Submitted by battle_angel battle_angel Report Server Side Template Injection on Name parameter during Sign Up process...
Programme HackerOne Stripe Stripe Submitted by beerboy_ankit beerboy_ankit Report Mass Account Takeover at https://app.taxjar.com/ - No user Interaction Full Report...
Programme HackerOne Glovo Glovo Submitted by cmuppin cmuppin Report Getting a free delivery by singing up from "[email protected]" Full Report...
Programme HackerOne Radancy Radancy Submitted by dk4trin dk4trin Report Blind SSRF at packagist.maximum.nl Full Report A considerable amount of time...
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by tdp3kel9g tdp3kel9g Report Read beyond bounds in ap_strcmp_match() Full Report...
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by tdp3kel9g tdp3kel9g Report Read beyond bounds via ap_rwrite() Full Report...
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by tdp3kel9g tdp3kel9g Report Read beyond bounds in mod_isapi.c Full Report...
