HackerOne Bug Bounty Disclosure: download-permissions-can-be-changed-by-resharerbyrullzer
Programme HackerOne Nextcloud Nextcloud Submitted by rullzer rullzer Report Download permissions can be changed by resharer Full Report A considerable...
bug bounty
HackerOne Bug Bounty Disclosure: crlf-injection-in-nodejs-undici-via-hostbytimon8
Programme HackerOne Node.js Node.js Submitted by timon8 timon8 Report CRLF Injection in Nodejs undici via host Full Report A considerable...
HackerOne Bug Bounty Disclosure: sql-injection-+-insecure-deserialization-leads-to-remote-code-execution-on-https://krisp-aibymikemyers
Programme HackerOne Krisp Krisp Submitted by mikemyers mikemyers Report SQL Injection + Insecure Deserialization leads to Remote Code Execution on...
BugCrowd Bug Bounty Disclosure: – privilege escalation allow the admin to takeover the org by invite the user as owner – By amitkh7888
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: xss-and-html-injection-on-(-https://labs-history-state-gov)byismailu
Programme HackerOne U.S. Department of State U.S. Department of State Submitted by ismailu ismailu Report xss and html injection on...
HackerOne Bug Bounty Disclosure: cve-2023-23916:-http-multi-header-compression-denial-of-servicebymonnerat
Programme HackerOne curl curl Submitted by monnerat monnerat Report CVE-2023-23916: HTTP multi-header compression denial of service Full Report A considerable...
HackerOne Bug Bounty Disclosure: the-deleted-polls-is-still-accessable-after-30-daysbyeissen5c
Programme HackerOne Twitter Twitter Submitted by eissen5c eissen5c Report The Deleted Polls is Still Accessable after 30 Days Full Report...
HackerOne Bug Bounty Disclosure: splunk-sensitive-information-disclosure-@axiellstore-usahec-orgbyspell1
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by spell1 spell1 Report Splunk Sensitive Information Disclosure @axiellstore.usahec.org...
HackerOne Bug Bounty Disclosure: hackerone-undisclosed-report-leak-via-poc-of-full-disclosure-on-hacktivitybysyjane
Programme HackerOne HackerOne HackerOne Submitted by syjane syjane Report HackerOne Undisclosed Report Leak via PoC of Full Disclosure on Hacktivity...
HackerOne Bug Bounty Disclosure: desktop-client-can-be-tricked-into-opening/executing-local-files-when-clicking-a-nc://open/-linkbylukasreschke
Programme HackerOne Nextcloud Nextcloud Submitted by lukasreschke lukasreschke Report Desktop client can be tricked into opening/executing local files when clicking...
HackerOne Bug Bounty Disclosure: jitsi-desktop-client-rce-by-interacting-with-malicious-url-schemes-on-windowsbyex0dus-0x
Programme HackerOne 8x8 Bounty 8x8 Bounty Submitted by ex0dus-0x ex0dus-0x Report Jitsi Desktop Client RCE By Interacting with Malicious URL...
HackerOne Bug Bounty Disclosure: double-forward-slash-breaks-server-side-restrictions-&-allows-access-to-prohibited-services-from-a-partner-accountbyashwarya
Programme HackerOne EXNESS EXNESS Submitted by ashwarya ashwarya Report Double forward slash breaks server-side restrictions & allows access to prohibited...
HackerOne Bug Bounty Disclosure: ssrf-via-filter-bypass-due-to-lax-checking-on-ipsbyobitorasu
Programme HackerOne Nextcloud Nextcloud Submitted by obitorasu obitorasu Report SSRF via filter bypass due to lax checking on IPs Full...
HackerOne Bug Bounty Disclosure: open-redirectionbydoosec101
Programme HackerOne JetBlue JetBlue Submitted by doosec101 doosec101 Report Open Redirection Full Report A considerable amount of time and effort...
HackerOne Bug Bounty Disclosure: access-to-tomcat-manager-with-default-credsbydoosec101
Programme HackerOne JetBlue JetBlue Submitted by doosec101 doosec101 Report Access to tomcat-manager with default creds Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: tiktok-2fa-bypassbyamans
Programme HackerOne TikTok TikTok Submitted by amans amans Report TikTok 2FA Bypass Full Report A considerable amount of time and...
HackerOne Bug Bounty Disclosure: mystery-with-a-leaked-token-and-reusability-of-email-confirmation-link-leading-to-account-takeoverbygokulsk
Programme HackerOne Sorare Sorare Submitted by gokulsk gokulsk Report Mystery with a leaked token and Reusability of email confirmation link...
BugCrowd Bug Bounty Disclosure: – Idor – Access To Private Resumes – By mar0uane
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Session is not invalidated on password change –> https://my.zapinfo.io – By h_-_cker
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Email Html Injection @https://gigs.indeed.com/ – By pphreak_1001
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: stored-xss-in-public-profile-reviewsbyvj1naruto
Programme HackerOne Judge.me Judge.me Submitted by vj1naruto vj1naruto Report Stored XSS in Public Profile Reviews Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: improper-access-control-in-ali-express-importerbypenguinshelp
Programme HackerOne Judge.me Judge.me Submitted by penguinshelp penguinshelp Report Improper Access Control in Ali Express Importer Full Report A considerable...
HackerOne Bug Bounty Disclosure: self-xss-due-to-image-url-can-be-eploited-via-xssjacking-techniques-in-review-emailbypenguinshelp
Programme HackerOne Judge.me Judge.me Submitted by penguinshelp penguinshelp Report Self-XSS due to image URL can be eploited via XSSJacking techniques...
HackerOne Bug Bounty Disclosure: html-injection–(stored)bycriptex
Programme HackerOne Judge.me Judge.me Submitted by criptex criptex Report HTML INJECTION (STORED) Full Report A considerable amount of time and...
