HackerOne Bug Bounty Disclosure: grafana-rce-via-smtp-server-parameter-injectionbyjarij
Programme HackerOne Aiven Ltd Aiven Ltd Submitted by jarij jarij Report Grafana RCE via SMTP server parameter injection Full Report...
bug bounty
HackerOne Bug Bounty Disclosure: [kafka-connect]-[jdbcsinkconnector][httpsinkconnector]-rce-by-leveraging-file-upload-via-sqlite-jdbc-driver-and-ssrf-to-internal-jolokiabyjarij
Programme HackerOne Aiven Ltd Aiven Ltd Submitted by jarij jarij Report RCE by leveraging file upload via SQLite JDBC driver...
HackerOne Bug Bounty Disclosure: apache-flink-rce-via-get-jar/plan-api-endpointbyjarij
Programme HackerOne Aiven Ltd Aiven Ltd Submitted by jarij jarij Report Apache Flink RCE via GET jar/plan API Endpoint Full...
HackerOne Bug Bounty Disclosure: kafka-connect-rce-via-connector-sasl–jaas-jndiloginmodule-configurationbyjarij
Programme HackerOne Aiven Ltd Aiven Ltd Submitted by jarij jarij Report Kafka Connect RCE via connector SASL JAAS JndiLoginModule configuration...
BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: completely-remove-vpn-profile-from-locked-warp-ios-cient-byjoshatmotion
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by joshatmotion joshatmotion Report Completely remove VPN profile from...
HackerOne Bug Bounty Disclosure: bypass-cloudflare-warp-lock-on-ios-byjoshatmotion
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by joshatmotion joshatmotion Report Bypass Cloudflare WARP lock on...
HackerOne Bug Bounty Disclosure: i-found-another-way-to-bypass-cloudflare-warp-lock!byjoshatmotion
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by joshatmotion joshatmotion Report I found another way to...
HackerOne Bug Bounty Disclosure: dos-via-issue-previewbylegit-security
Programme HackerOne GitLab GitLab Submitted by legit-security legit-security Report DOS via issue preview Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: dos-via-move_issuebylegit-security
Programme HackerOne GitLab GitLab Submitted by legit-security legit-security Report DOS via move_issue Full Report A considerable amount of time and...
HackerOne Bug Bounty Disclosure: path-paths-and-file-disclosure-vulnerabilities-at-influxdb-quality-gitlab-netbyotoyyy
Programme HackerOne GitLab GitLab Submitted by otoyyy otoyyy Report Path paths and file disclosure vulnerabilities at influxdb.quality.gitlab.net Full Report A...
HackerOne Bug Bounty Disclosure: repositorypipeline-allows-importing-of-local-git-reposbyvakzz
Programme HackerOne GitLab GitLab Submitted by vakzz vakzz Report RepositoryPipeline allows importing of local git repos Full Report A considerable...
BugCrowd Bug Bounty Disclosure: – Several internal applications have open CORS, allowing external folks to access the content – By bigBugGuy
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: command-injection-in-github-actions-containerstephostbyjupenur
Programme HackerOne GitHub GitHub Submitted by jupenur jupenur Report Command injection in GitHub Actions ContainerStepHost Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: archived-/-deleted-/-private-poll-can-be-viewed-by-another-users-[crowdsignal-wordpress-plugins]byapapedulimu
Programme HackerOne Automattic Automattic Submitted by apapedulimu apapedulimu Report Archived / Deleted / Private Poll Can Be Viewed by Another...
HackerOne Bug Bounty Disclosure: stored-xss-in-intensedebate-com-via-the-comments-rssbybugra
Programme HackerOne Automattic Automattic Submitted by bugra bugra Report Stored XSS in intensedebate.com via the Comments RSS Full Report A...
HackerOne Bug Bounty Disclosure: xss-in-socialicon-linkbysudi
Programme HackerOne Linktree Linktree Submitted by sudi sudi Report XSS in SocialIcon Link Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: accessing/editing-folders-of-other-users-in-the-orginisation-bysnapsec
Programme HackerOne Lark Technologies Lark Technologies Submitted by snapsec snapsec Report Accessing/Editing Folders of Other Users in the Orginisation. Full...
HackerOne Bug Bounty Disclosure: html-injection-found-on-https://adobedocs-github-io/analytics-1-4-apis/swagger-docs-html-due-to-outdated-swagger-uibydreamer_eh
Programme HackerOne Adobe Adobe Submitted by dreamer_eh dreamer_eh Report HTML INJECTION FOUND ON https://adobedocs.github.io/analytics-1.4-apis/swagger-docs.html DUE TO OUTDATED SWAGGER UI Full...
HackerOne Bug Bounty Disclosure: cve-2022-42916:-hsts-bypass-via-idnbykurohiro
Programme HackerOne curl curl Submitted by kurohiro kurohiro Report CVE-2022-42916: HSTS bypass via IDN Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: cve-2022-35260:–netrc-parser-out-of-bounds-accessbykurohiro
Programme HackerOne curl curl Submitted by kurohiro kurohiro Report CVE-2022-35260: .netrc parser out-of-bounds access Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: subdomain-takeover-on-‘de-headless-staging-gymshark-com’bya-p0c
Programme HackerOne Gymshark Gymshark Submitted by a-p0c a-p0c Report Subdomain takeover on 'de-headless.staging.gymshark.com' Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: weak-randomness-in-webcrypto-keygenbybnoordhuis
Programme HackerOne Node.js Node.js Submitted by bnoordhuis bnoordhuis Report Weak randomness in WebCrypto keygen Full Report A considerable amount of...
