HackerOne Bug Bounty Disclosure: reflected-xss-in-[www-equifax-com]byabdoj
Programme HackerOne Equifax-vdp Equifax-vdp Submitted by abdoj abdoj Report reflected XSS in Full Report A considerable amount of time...
bug bounty
HackerOne Bug Bounty Disclosure: reentrancy-attack-in-eth-monero-atomic-swapbyfarinavito123
Programme HackerOne Monero Monero Submitted by farinavito123 farinavito123 Report Reentrancy attack in eth-monero atomic swap Full Report A considerable...
HackerOne Bug Bounty Disclosure: cve-2018-6389-exploitation—using-scripts-loaderbysalokin
Programme HackerOne Fastly VDP Fastly VDP Submitted by salokin salokin Report CVE-2018-6389 exploitation - using scripts loader Full Report ...
HackerOne Bug Bounty Disclosure: web-cache-deception-vulnerability-on-algolia-com-leads-to-personal-information-leakagebygolim
Programme HackerOne Algolia Algolia Submitted by golim golim Report Web Cache Deception vulnerability on algolia.com leads to personal information leakage...
BugCrowd Bug Bounty Disclosure: – Increase Rank on Bugcrowd Platform. – By MuhammadKhizerJaved
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Subdomain Takeover on worldcup.starlink.com – By ibrahimnet
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: sensitive-information-disclosurebyashishmurugan
Programme HackerOne Trellix Trellix Submitted by ashishmurugan ashishmurugan Report Sensitive Information Disclosure Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: cloudflare-is-not-properly-deleting-user’s-accountbyali_hassan_khan
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by ali_hassan_khan ali_hassan_khan Report Cloudflare is not properly deleting...
HackerOne Bug Bounty Disclosure: a-malicious-actor-could-rotate-tokens-of-a-victim,-given-that-he-knows-the-victim’s-token-idbyesx
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by esx esx Report A malicious actor could rotate...
HackerOne Bug Bounty Disclosure: possible-to-spoof-origin-in-“connected-sites”byrenniepak
Programme HackerOne MetaMask MetaMask Submitted by renniepak renniepak Report Possible to spoof Origin in "Connected Sites" Full Report A...
HackerOne Bug Bounty Disclosure: remote-code-execution-on-owncloud-instances-with-imagemagick-installedbylukasreschke
Programme HackerOne ownCloud ownCloud Submitted by lukasreschke lukasreschke Report Remote Code Execution on ownCloud instances with ImageMagick installed Full Report...
HackerOne Bug Bounty Disclosure: adding-h1_analyst_*-to-username-for-normal-usersbyrefaat01
Programme HackerOne HackerOne HackerOne Submitted by refaat01 refaat01 Report adding h1_analyst_* to username for normal users Full Report A...
HackerOne Bug Bounty Disclosure: github-security-lab-(ghsl)-vulnerability-report:-sqlinjection-in-filecontentprovider-kt-(ghsl-2022-059)byatorralba
Programme HackerOne ownCloud ownCloud Submitted by atorralba atorralba Report GitHub Security Lab (GHSL) Vulnerability Report: SQLInjection in FileContentProvider.kt (GHSL-2022-059) Full...
HackerOne Bug Bounty Disclosure: ability-to-read-any-emails-through-idor-on-nextcloud-mailbyctulhu
Programme HackerOne Nextcloud Nextcloud Submitted by ctulhu ctulhu Report Ability to read any emails through IDOR on Nextcloud Mail Full...
HackerOne Bug Bounty Disclosure: can-delete-other-user’s-post-and-company-page-postbyanandpingsafe
Programme HackerOne LinkedIn LinkedIn Submitted by anandpingsafe anandpingsafe Report Can delete other user's post and company page post Full Report...
HackerOne Bug Bounty Disclosure: testing-flow-includes-a-deepsource-secretbytriplesided
Programme HackerOne Weblate Weblate Submitted by triplesided triplesided Report Testing flow includes a DeepSource secret Full Report A considerable...
HackerOne Bug Bounty Disclosure: sensitive-information-for-phpinfo-php-at-https://products-ean-com/byexploitmsf
Programme HackerOne Expedia Group Bug Bounty Expedia Group Bug Bounty Submitted by exploitmsf exploitmsf Report Sensitive information for phpinfo.php at...
HackerOne Bug Bounty Disclosure: idor-in-talentmap-api-can-be-abused-to-enumerate-personal-information-of-all-the-usersbynepalihacker0x01
Programme HackerOne U.S. Department of State U.S. Department of State Submitted by nepalihacker0x01 nepalihacker0x01 Report IDOR in TalentMAP API can...
BugCrowd Bug Bounty Disclosure: – Linux client – command injection – local privilege escalation – By mmmdspl
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: session-mismatch-leading-to-potential-account-takeover-(local-access-required)byostracize
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by ostracize ostracize Report Session mismatch leading to potential...
HackerOne Bug Bounty Disclosure: website-php-source-code-returned-in-javascriptbymdfarhanchowdhuryhasin
Programme HackerOne Nextcloud Nextcloud Submitted by mdfarhanchowdhuryhasin mdfarhanchowdhuryhasin Report Website PHP source code returned in javascript Full Report A...
HackerOne Bug Bounty Disclosure: ability-to-control-the-filename-when-uploading-a-logo-or-favicon-on-themingbyctulhu
Programme HackerOne Nextcloud Nextcloud Submitted by ctulhu ctulhu Report Ability to control the filename when uploading a logo or favicon...
HackerOne Bug Bounty Disclosure: full-passcode-bypass-on-nextcloud-app-iosbyctulhu
Programme HackerOne Nextcloud Nextcloud Submitted by ctulhu ctulhu Report Full Passcode bypass on Nextcloud App iOS Full Report A...
HackerOne Bug Bounty Disclosure: use-of-cryptographically-weak-pseudo-random-number-generator-in-webcrypto-keygenbybn00rdhuis
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by bn00rdhuis bn00rdhuis Report Use of Cryptographically Weak Pseudo-Random Number Generator...
