HackerOne Bug Bounty Disclosure: managing-pagesbyali_shehab
Programme HackerOne GitHub GitHub Submitted by ali_shehab ali_shehab Report Managing Pages Full Report A considerable amount of time and effort...
bug bounty
HackerOne Bug Bounty Disclosure: host-header-injection-that-bypassed-protection-and-allowed-accessing-multiple-subdomainsbymusashi42
Programme HackerOne Urban Company Urban Company Submitted by musashi42 musashi42 Report Host header injection that bypassed protection and allowed accessing...
HackerOne Bug Bounty Disclosure: cve-2022-43551:-another-hsts-bypass-via-idnbykurohiro
Programme HackerOne curl curl Submitted by kurohiro kurohiro Report CVE-2022-43551: Another HSTS bypass via IDN Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: missing-length-validation-of-user-displayname-allows-to-generate-an-sql-errorbyerrorx404
Programme HackerOne Nextcloud Nextcloud Submitted by errorx404 errorx404 Report Missing length validation of user displayname allows to generate an SQL...
HackerOne Bug Bounty Disclosure: [user_oidc]-unencrypted-communicationsbylauritz
Programme HackerOne Nextcloud Nextcloud Submitted by lauritz lauritz Report Unencrypted Communications Full Report A considerable amount of time and effort...
HackerOne Bug Bounty Disclosure: [user_oidc]-stored-xss-via-authorization-endpoint—safari-onlybylauritz
Programme HackerOne Nextcloud Nextcloud Submitted by lauritz lauritz Report Stored XSS via Authorization Endpoint - Safari-Only Full Report A considerable...
HackerOne Bug Bounty Disclosure: email-verification-bypass-allows-users-to-add-&-verify-any-email–as-guardians-emailbyshuvam321
Programme HackerOne Khan Academy Khan Academy Submitted by shuvam321 shuvam321 Report Email Verification Bypass Allows Users to Add & verify...
HackerOne Bug Bounty Disclosure: akismet-api-keys-are-exposed-by-authentication-methodbyaaroncarson
Programme HackerOne Automattic Automattic Submitted by aaroncarson aaroncarson Report Akismet API keys are exposed by authentication method Full Report A...
HackerOne Bug Bounty Disclosure: firebase-credentials-leakbyjimmisimon
Programme HackerOne MTN Group MTN Group Submitted by jimmisimon jimmisimon Report Firebase credentials leak Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: [mk8dx]-improper-verification-of-competition-creation-allows-to-create-“official”-competitionsbyrambo6glaz
Programme HackerOne Nintendo Nintendo Submitted by rambo6glaz rambo6glaz Report Improper verification of Competition creation allows to create "Official" competitions Full...
BugCrowd Bug Bounty Disclosure: – Authorized drivers can disable remote monitoring – By KLWTTS
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: electron-cve-2022-35954-delimiter-injection-vulnerability-in-exportvariablebytheinternetofdefcon_
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by theinternetofdefcon_ theinternetofdefcon_ Report Electron CVE-2022-35954 Delimiter Injection Vulnerability in exportVariable...
HackerOne Bug Bounty Disclosure: dos-via-markdown-api-from-unauthenticated-userbylegit-security
Programme HackerOne GitHub GitHub Submitted by legit-security legit-security Report DoS via markdown API from unauthenticated user Full Report A considerable...
HackerOne Bug Bounty Disclosure: link-shortener-bypass-(regression-on-fix-for-#1032610)byjub0bs
Programme HackerOne Twitter Twitter Submitted by jub0bs jub0bs Report Link-shortener bypass (regression on fix for #1032610) Full Report A considerable...
HackerOne Bug Bounty Disclosure: cd=false-(dnssec)-not-respected-in-dns-over-https-json-requestsbymattipv4
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by mattipv4 mattipv4 Report cd=false (DNSSEC) not respected in...
HackerOne Bug Bounty Disclosure: unauthorized-access-to-resumes-stored-on-linkedinbyheadhunter
Programme HackerOne LinkedIn LinkedIn Submitted by headhunter headhunter Report Unauthorized access to resumes stored on LinkedIn Full Report A considerable...
BugCrowd Bug Bounty Disclosure: – Reflected Cross Site Scripting (XSS) on https://gamemaker.io/account/dashboard – By abitsec
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: unprotected-atlantis-server-at-https://152-70–byshuvam321
Programme HackerOne 8x8 8x8 Submitted by shuvam321 shuvam321 Report Unprotected Atlantis Server at https://152.70.. Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: xss-in-linktr-ee—on-link-thumbnail-addingbyjagata
Programme HackerOne Linktree Linktree Submitted by jagata jagata Report XSS in linktr.ee - on link thumbnail adding Full Report A...
HackerOne Bug Bounty Disclosure: idor-in-stats-api-endpoint-allows-viewing-equity-or-net-profit-of-any-mt-accountbyashwarya
Programme HackerOne EXNESS EXNESS Submitted by ashwarya ashwarya Report IDOR in Stats API Endpoint Allows Viewing Equity or Net Profit...
BugCrowd Bug Bounty Disclosure: – HTML Injection > licensing.fcc.gov – By Naplon
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: authentication-bypass-in-https://nin-mtn-ngbyroland_hack
Programme HackerOne MTN Group MTN Group Submitted by roland_hack roland_hack Report Authentication bypass in https://nin.mtn.ng Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: calendar-name-length-not-validated-before-writing-to-databasebyerrorx404
Programme HackerOne Nextcloud Nextcloud Submitted by errorx404 errorx404 Report Calendar name length not validated before writing to database Full Report...
HackerOne Bug Bounty Disclosure: firebase-database-takeover-in-https://pulseradio-mtn-co-ug/byshuvam321
Programme HackerOne MTN Group MTN Group Submitted by shuvam321 shuvam321 Report Firebase Database Takeover in https://pulseradio.mtn.co.ug/ Full Report A considerable...
