bug bounty

hackerone

HackerOne Bug Bounty Disclosure: firebase-database-takeover-in-https://pulseradio-mtn-co-ug/byshuvam321

December 1, 2022

Programme HackerOne MTN Group MTN Group Submitted by shuvam321 shuvam321 Report Firebase Database Takeover in https://pulseradio.mtn.co.ug/ Full Report A considerable...

Read More

hackerone

HackerOne Bug Bounty Disclosure: cve-2022-45402:-apache-airflow:-open-redirect-during-loginbybugra

December 1, 2022

Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by bugra bugra Report CVE-2022-45402: Apache Airflow: Open redirect during login...

Read More

hackerone

HackerOne Bug Bounty Disclosure: remove-every-user,-admin,-and-owner-out-of-their-teams-on-developers-mtn-com-via-idor-+-information-disclosurebywallotry

December 1, 2022

Programme HackerOne MTN Group MTN Group Submitted by wallotry wallotry Report Remove Every User, Admin, And Owner Out Of Their...

Read More

hackerone

HackerOne Bug Bounty Disclosure: unprotected-direct-object-referencebycoyemerald

December 1, 2022

Programme HackerOne MTN Group MTN Group Submitted by coyemerald coyemerald Report Unprotected Direct Object Reference Full Report A considerable amount...

Read More

hackerone

HackerOne Bug Bounty Disclosure: double-evaluation-in–bash_prompt-of-dotfiles-allows-a-malicious-repository-to-execute-arbitrary-commandsbyryotak

December 1, 2022

Programme HackerOne Ian Dunn Ian Dunn Submitted by ryotak ryotak Report Double evaluation in .bash_prompt of dotfiles allows a malicious...

Read More

hackerone

HackerOne Bug Bounty Disclosure: if-the-website-does-not-impose-additional-defense-against-csrf-attacks,-failing-to-use-the-‘lax’-or-‘strict’-values-could-increase-the-risk-of-exposurbyshubhangirathore836

November 30, 2022

Programme HackerOne Yelp Yelp Submitted by shubhangirathore836 shubhangirathore836 Report If the website does not impose additional defense against CSRF attacks,...

Read More

hackerone

HackerOne Bug Bounty Disclosure: i-found-some-api-keys-in-js-files-,huge-leak-of–token-addresses-and-huge-amount-of-js-files-are-not-forbiddenbyorange_h

November 29, 2022

Programme HackerOne AMBER AI AMBER AI Submitted by orange_h orange_h Report I found some api keys in js files ,huge...

Read More

hackerone

HackerOne Bug Bounty Disclosure: stored-xss-in-dovetale-by-application-of-creatorbykun_19

November 29, 2022

Programme HackerOne Shopify Shopify Submitted by kun_19 kun_19 Report Stored XSS in Dovetale by application of creator Full Report A...

Read More

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Vulnerable to Log4j – By Ractiurd

November 28, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Read More

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Information Disclosure of sensitive data CVE-2017-5487 – By technoking

November 28, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Read More

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Reflected XSS – By mewtw0

November 28, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Read More

Bug Bounty

BugCrowd Bug Bounty Disclosure: – HTML Injection in meeting owner email – By mega7

November 28, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Read More

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01

November 28, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Read More

Bug Bounty

BugCrowd Bug Bounty Disclosure: – HTML Injection in email when deactivate a user – By mega7

November 28, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Read More

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Impersonation via Broken Link Hijacking on https://sv.hellosign.com – By CoffeeAddict_exe

November 28, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Read More

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Open Redirect On login Page – By RizwanSiDdiqu1

November 28, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Read More

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Session fixation – By cyber_ritik

November 28, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Read More

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Failed to validate Session after Password Change. – By cyber_ritik

November 28, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Read More

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Publisher owner doesn’t able to delete low privilege user – By AlWaYsHuNt

November 28, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Read More

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Impersonation via Broken Link Hijacking on https://sv.hellosign.com – By CoffeeAddict_exe

November 28, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Read More

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01

November 28, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Read More

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Impersonation via Broken Link Hijacking on https://sv.hellosign.com – By CoffeeAddict_exe

November 28, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Read More

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01

November 28, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Read More

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Impersonation via Broken Link Hijacking on https://sv.hellosign.com – By CoffeeAddict_exe

November 27, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Read More

Cobalt-Strike

Cobalt Strike Beacon Detected – 111[.]119[.]217[.]51:8889

January 10, 2025

Cobalt-Strike

Cobalt Strike Beacon Detected – 115[.]120[.]210[.]236:9999

January 10, 2025

Cobalt-Strike

Cobalt Strike Beacon Detected – 23[.]94[.]169[.]124:9090

January 10, 2025

Cobalt-Strike

Cobalt Strike Beacon Detected – 8[.]217[.]7[.]159:1234

January 10, 2025

Cobalt-Strike

Cobalt Strike Beacon Detected – 106[.]14[.]69[.]133:8999

January 10, 2025