Programme HackerOne Mattermost Mattermost Submitted by uchihaluckycs uchihaluckycs Report Reset password link sent over unsecured http protocol Full Report ...
Programme HackerOne Brave Software Brave Software Submitted by ameenbasha ameenbasha Report download file type warning on Windows does not appear...
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Programme HackerOne Elastic Elastic Submitted by lu3ky-13 lu3ky-13 Report blind Server-Side Request Forgery (SSRF) allows scanning internal ports Full Report...
Programme HackerOne Ruby Ruby Submitted by leixiao leixiao Report Header CRLF Injection in Ruby Net::HTTP Full Report A considerable...
Programme HackerOne Nextcloud Nextcloud Submitted by juliushaertl juliushaertl Report Hide download previews are accessible without a watermark Full Report ...
Programme HackerOne Nextcloud Nextcloud Submitted by meinereiner meinereiner Report App pin of the Android app can be bypassed via 3rdparty...
Programme HackerOne Nextcloud Nextcloud Submitted by nickvergessen nickvergessen Report Potential directory traversal in OC\Files\Node\Folder::getFullPath Full Report A considerable amount...
Programme HackerOne Nextcloud Nextcloud Submitted by juliushaertl juliushaertl Report Document content of files can be obtained through Collabora for files...
Programme HackerOne TD Bank TD Bank Submitted by def1ant def1ant Report Reflected XSS on marketsandresearch.td.com Full Report A considerable...
Programme HackerOne HackerOne HackerOne Submitted by datph4m datph4m Report Insecure Direct Object Reference (IDOR) - Delete Campaigns Full Report ...
Programme HackerOne Fastly VDP Fastly VDP Submitted by rubayet_hassan rubayet_hassan Report Unauthenticated cache purging Full Report A considerable amount...
Programme HackerOne Fastly VDP Fastly VDP Submitted by xerhakhd xerhakhd Report Cache purge requests are not authenticated Full Report ...
Programme HackerOne Nextcloud Nextcloud Submitted by brthnc brthnc Report Reference fetch can saturate the server bandwidth for 10 seconds Full...
Programme HackerOne Nextcloud Nextcloud Submitted by aslfv aslfv Report Name collision of shared folders Full Report A considerable amount...
Programme HackerOne Hyperledger Hyperledger Submitted by kmhlyxj0 kmhlyxj0 Report POOL_UPGRADE command injection, Trustee Node can execute command in any other...
Programme HackerOne 8x8 8x8 Submitted by pentestor pentestor Report Credential leak on GitHub: https://github.com/// (Peoplesoft CRM) Full Report A...
Programme HackerOne Omise Omise Submitted by muhammadilyas muhammadilyas Report The endpoint '/test/webhooks' is vulnerable to DNS Rebinding Full Report ...
Programme HackerOne Reddit Reddit Submitted by revolte revolte Report Blind SSRF with Escalation possibilities in matrix preview_link API Full Report...
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by dee-see dee-see Report CVE-2023-28755: ReDoS vulnerability in URI Full Report...
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by ooooooo_q ooooooo_q Report ReDoS( Ruby, Time) Full Report A...
Programme HackerOne Kubernetes Kubernetes Submitted by jlleitschuh jlleitschuh Report The `io.kubernetes.client.util.generic.dynamic.Dynamics` contains a code execution vulnerability due to SnakeYAML Full...
Programme HackerOne Acronis Acronis Submitted by imranhudaa imranhudaa Report Delete any user's added Email,Telephone,Fax,Address,Skype via csrf in (https://academy.acronis.com/) Full Report...
Programme HackerOne Nextcloud Nextcloud Submitted by hackit_bharat hackit_bharat Report Missing brute force protection for passwords of password protected share links...
