BugCrowd Bug Bounty Disclosure: P4 – HTML Injection in meeting owner email – By mega7
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Bug Bounty
BugCrowd Bug Bounty Disclosure: P4 – HTML Injection in email when deactivate a user – By mega7
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: redirection-in-repeater-&-intruder-tabbymr_vrush
Programme HackerOne PortSwigger Web Security PortSwigger Web Security Submitted by mr_vrush mr_vrush Report Redirection in Repeater & Intruder Tab Full...
HackerOne Bug Bounty Disclosure: read-only-administrator-can-change-agent-update-settingsbymega7
Programme HackerOne Acronis Acronis Submitted by mega7 mega7 Report Read-only administrator can change agent update settings Full Report A considerable...
HackerOne Bug Bounty Disclosure: many-commands-can-be-manipulated-to-delete-identities-or-affiliationsbycet2000
Programme HackerOne Hyperledger Hyperledger Submitted by cet2000 cet2000 Report many commands can be manipulated to delete identities or affiliations Full...
HackerOne Bug Bounty Disclosure: xmlrpc-php-file-is-enable-it-will-used-for-bruteforce-attack-and-denial-of-service(dos)byanonymmert12
Programme HackerOne Top Echelon Software Top Echelon Software Submitted by anonymmert12 anonymmert12 Report xmlrpc.php FILE IS enable it will used...
HackerOne Bug Bounty Disclosure: lack-of-rate-limit-while-joining-video-call-in-talk-section-which-is-password-protectedbyerror2001
Programme HackerOne Nextcloud Nextcloud Submitted by error2001 error2001 Report Lack of Rate limit while joining video call in talk section...
HackerOne Bug Bounty Disclosure: anonymous-access-control—payments-statusbycodeslayer137
Programme HackerOne Omise Omise Submitted by codeslayer137 codeslayer137 Report Anonymous access control - Payments Status Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: http-put-method-is-enabled-downloader-ratelimited-mebycodeslayer137
Programme HackerOne RATELIMITED RATELIMITED Submitted by codeslayer137 codeslayer137 Report HTTP PUT method is enabled downloader.ratelimited.me Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: unrestricted-file-upload-blind-stored-xss–in-subdomain-ads-tiktok-combymrzheev
Programme HackerOne TikTok TikTok Submitted by mrzheev mrzheev Report Unrestricted File Upload Blind Stored Xss in subdomain ads.tiktok.com Full Report...
HackerOne Bug Bounty Disclosure: sensei-lms-idor-to-send-messagebyghimire_veshraj
Programme HackerOne Automattic Automattic Submitted by ghimire_veshraj ghimire_veshraj Report Sensei LMS IDOR to send message Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: unauthenticated-private-messages-disclosure-via-wordpress-rest-apibyghimire_veshraj
Programme HackerOne Automattic Automattic Submitted by ghimire_veshraj ghimire_veshraj Report Unauthenticated Private Messages DIsclosure via wordpress Rest API Full Report A...
HackerOne Bug Bounty Disclosure: xss-in-redditmedia-com-can-compromise-data-of-reddit-combykeer0k
Programme HackerOne Reddit Reddit Submitted by keer0k keer0k Report XSS in redditmedia.com can compromise data of reddit.com Full Report A...
HackerOne Bug Bounty Disclosure: found-origin-ip’s-lead-to-access-to-gitlabbym-narayanan
Programme HackerOne GitLab GitLab Submitted by m-narayanan m-narayanan Report Found Origin IP's lead to access to gitlab Full Report A...
HackerOne Bug Bounty Disclosure: one-click-account-hijack-for-anyone-using-apple-sign-in-with-reddit,-due-to-response-type-switch-+-leaking-href-to-xss-on-www-redditmedia-combyfransrosen
Programme HackerOne Reddit Reddit Submitted by fransrosen fransrosen Report One-click account hijack for anyone using Apple sign-in with Reddit, due...
HackerOne Bug Bounty Disclosure: race-condition-on-https://judge-me/peoplebynetboom
Programme HackerOne Judge.me Judge.me Submitted by netboom netboom Report Race condition on https://judge.me/people Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: insecure-use-of-shell-openexternal()-in-rocket-chat-desktop-app-leading-to-rcebybaltpeter
Programme HackerOne Rocket.Chat Rocket.Chat Submitted by baltpeter baltpeter Report Insecure use of shell.openExternal() in Rocket.Chat Desktop App leading to RCE...
HackerOne Bug Bounty Disclosure: insecure-tls-configuration-#3530bybhaskar_ram
Programme HackerOne Hyperledger Hyperledger Submitted by bhaskar_ram bhaskar_ram Report Insecure TLS Configuration #3530 Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: delete-the-subaccount-from-the-user-idbyqualwin38000
Programme HackerOne Showmax Showmax Submitted by qualwin38000 qualwin38000 Report delete the subaccount from the user id Full Report A considerable...
HackerOne Bug Bounty Disclosure: open-s3-bucket-accessible-by-any-aws-userbykhalidou
Programme HackerOne GoCD GoCD Submitted by khalidou khalidou Report Open S3 Bucket Accessible by any Aws User Full Report A...
HackerOne Bug Bounty Disclosure: corsa-site-scripting-vulnerability-(xss)bybhaskar_ram
Programme HackerOne Hyperledger Hyperledger Submitted by bhaskar_ram bhaskar_ram Report Corsa Site Scripting Vulnerability (XSS) Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: open-redirection-at-https://smartreports-mtncameroon-netbyvulnera
Programme HackerOne MTN Group MTN Group Submitted by vulnera vulnera Report Open redirection at https://smartreports.mtncameroon.net Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: @nextcloud/logger-npm-package-brings-vulnerable-ansi-regex-versionbyro0telqayser
Programme HackerOne Nextcloud Nextcloud Submitted by ro0telqayser ro0telqayser Report @nextcloud/logger NPM package brings vulnerable ansi-regex version Full Report A considerable...
HackerOne Bug Bounty Disclosure: off-by-slash-vulnerability-in-nodejs-org-and-iojs-orgbynagaro
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by nagaro nagaro Report Off-by-slash vulnerability in nodejs.org and iojs.org Full...
