HackerOne Bug Bounty Disclosure: double-evaluation-in-bash_prompt-of-dotfiles-allows-a-malicious-repository-to-execute-arbitrary-commandsbyryotak

Programme

HackerOne

Ian Dunn

Ian Dunn

Submitted by

ryotak

ryotak

Report

Double evaluation in .bash_prompt of dotfiles allows a malicious repository to execute arbitrary commands

Full Report

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on Patreon using the button below

To keep up to date follow us on the below channels.

HackerOne Bug Bounty Disclosure: double-evaluation-in–bash_prompt-of-dotfiles-allows-a-malicious-repository-to-execute-arbitrary-commandsbyryotak

Programme

Submitted by

Report

HackerOne Bug Bounty Disclosure: open-redirect-when-logging-in-with-user-oidc-kesselb

HackerOne Bug Bounty Disclosure: attachments-folder-for-text-app-is-accessible-on-files-drop-password-protected-shares-lukasreschke

HackerOne Bug Bounty Disclosure: mail-auto-configurator-can-be-tricked-into-sending-account-information-to-wrong-servers-shushangw

HackerOne Bug Bounty Disclosure: unauthenticated-phpinfo-files-could-lead-to-ability-file-read-at-h-f-n-ips-mtn-co-ug-offensiveops

[INCRANSOM] – Ransomware Victim: PHARMATIS-SAS

Programme

Submitted by

Report

You may have missed

HackerOne Bug Bounty Disclosure: open-redirect-when-logging-in-with-user-oidc-kesselb

HackerOne Bug Bounty Disclosure: attachments-folder-for-text-app-is-accessible-on-files-drop-password-protected-shares-lukasreschke

HackerOne Bug Bounty Disclosure: mail-auto-configurator-can-be-tricked-into-sending-account-information-to-wrong-servers-shushangw

HackerOne Bug Bounty Disclosure: unauthenticated-phpinfo-files-could-lead-to-ability-file-read-at-h-f-n-ips-mtn-co-ug-offensiveops

[INCRANSOM] – Ransomware Victim: PHARMATIS-SAS