BugCrowd Bug Bounty Disclosure: P3 – exploitable weaknesses in functionality – By asad_anwar
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Bug Bounty
BugCrowd Bug Bounty Disclosure: P2 – Blind stored XSS on from https://talent.indeed.com to http://auscorp-analyticstest1.indeed.net:8012/notebooks/8221 – By bigBugGuy
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P2 – Found Xss in Resumes Page – By Sparta337
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P4 – XSS via Google Drive – https://www.indeed.jobs/career/Profile – By CGuillaume
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P3 – XSS reflected – https://www.indeed.com/hire/employer-confirmation [co, hl] – By CGuillaume
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: com-nextcloud-client-bypass-the-protection-lock-in-andoid-app-v-3-18-1-latest-version-bydashingjaved
Programme HackerOne Nextcloud Nextcloud Submitted by dashingjaved dashingjaved Report com.nextcloud.client bypass the protection lock in andoid app v 3.18.1 latest...
HackerOne Bug Bounty Disclosure: lfi-in-filepathdownload-parameter-viabyexploitmsf
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by exploitmsf exploitmsf Report lfi in filePathDownload parameter via...
HackerOne Bug Bounty Disclosure: oauth2-bearer-not-checked-for-connection-re-usebymonnerat
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by monnerat monnerat Report OAUTH2 bearer not-checked for connection re-use Full...
HackerOne Bug Bounty Disclosure: sql-injection–in-https:///bymido0x0x
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by mido0x0x mido0x0x Report SQL INJECTION in https:/// Full...
HackerOne Bug Bounty Disclosure: possibility-to-force-an-admin-to-install-recommended-applicationsbyigorpyan
Programme HackerOne Nextcloud Nextcloud Submitted by igorpyan igorpyan Report Possibility to force an admin to install recommended applications Full Report
HackerOne Bug Bounty Disclosure: sensitive-data-exposure-via-/secure/querycomponent!default-jspa-endpoint-onbynjmulsqb
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by njmulsqb njmulsqb Report Sensitive data exposure via /secure/QueryComponent!Default.jspa...
HackerOne Bug Bounty Disclosure: ssrf-due-to–cve-2021-27905-in-www-byfdeleite
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by fdeleite fdeleite Report SSRF due to CVE-2021-27905 in...
HackerOne Bug Bounty Disclosure: reflected-xss-[]byfdeleite
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by fdeleite fdeleite Report Reflected XSS Full Report
HackerOne Bug Bounty Disclosure: cve-2022-22576:-oauth2-bearer-bypass-in-connection-re-usebymonnerat
Programme HackerOne curl curl Submitted by monnerat monnerat Report CVE-2022-22576: OAUTH2 bearer bypass in connection re-use Full Report
HackerOne Bug Bounty Disclosure: reflected-xss-[]byfdeleite
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by fdeleite fdeleite Report Reflected XSS Full Report
HackerOne Bug Bounty Disclosure: vulnerable-to-cve-2022-22954bynull_bytes
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by null_bytes null_bytes Report vulnerable to CVE-2022-22954 Full Report
HackerOne Bug Bounty Disclosure: blind-sql-injectionbymido0x0x
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by mido0x0x mido0x0x Report Blind SQL Injection Full Report
HackerOne Bug Bounty Disclosure: dos-via-large-console-messagesbythesecuritydev
Programme HackerOne Mattermost Mattermost Submitted by thesecuritydev thesecuritydev Report DoS via large console messages Full Report
HackerOne Bug Bounty Disclosure: subdomain-takeover-(abandoned-zendesk–easycontactnow-com)bybx_1
Programme HackerOne 8x8 8x8 Submitted by bx_1 bx_1 Report subdomain takeover (abandoned Zendesk .easycontactnow.com) Full Report
HackerOne Bug Bounty Disclosure: container-escape-on-public-gitlab-ci-runnersbyec0
Programme HackerOne GitLab GitLab Submitted by ec0 ec0 Report Container escape on public GitLab CI runners Full Report
HackerOne Bug Bounty Disclosure: cve-2022-27775:-bad-local-ipv6-connection-reusebynyymi
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-27775: Bad local IPv6 connection reuse Full Report
HackerOne Bug Bounty Disclosure: cve-2022-27776:-auth/cookie-leak-on-redirectbynyymi
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-27776: Auth/cookie leak on redirect Full Report
HackerOne Bug Bounty Disclosure: cve-2022-27774:-credential-leak-on-redirectbynyymi
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-27774: Credential leak on redirect Full Report
HackerOne Bug Bounty Disclosure: rce-via-exposed-jmx-server-on-jabber-37signals-com/jabber-basecamp-combyian
Programme HackerOne Basecamp Basecamp Submitted by ian ian Report RCE via exposed JMX server on jabber.37signals.com/jabber.basecamp.com Full Report
