HackerOne Bug Bounty Disclosure: http-request-smuggling-due-to-incorrect-parsing-of-header-fieldsbyvvx7
Programme HackerOne Node.js Node.js Submitted by vvx7 vvx7 Report HTTP Request Smuggling Due to Incorrect Parsing of Header Fields Full...
bug bounty
HackerOne Bug Bounty Disclosure: cve-2022-32213-bypass-via-obs-fold-mechanicbyhaxatron1
Programme HackerOne Node.js Node.js Submitted by haxatron1 haxatron1 Report CVE-2022-32213 bypass via obs-fold mechanic Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: business-logic,-currency-arbitrage—possibility-to-pay-less-than-the-price-in-usdbyxctzn
Programme HackerOne PortSwigger Web Security PortSwigger Web Security Submitted by xctzn xctzn Report Business Logic, currency arbitrage - Possibility to...
HackerOne Bug Bounty Disclosure: node-18-reads-openssl-cnf-from-/home/iojs/build/—-upon-startup-on-macosbymhdawson
Programme HackerOne Node.js Node.js Submitted by mhdawson mhdawson Report Node 18 reads openssl.cnf from /home/iojs/build/... upon startup on MacOS Full...
HackerOne Bug Bounty Disclosure: http-request-smuggling-due-to-incorrect-parsing-of-multi-line-transfer-encoding-(improper-fix-for-cve-2022-32215)byshacharm
Programme HackerOne Node.js Node.js Submitted by shacharm shacharm Report HTTP Request Smuggling Due to Incorrect Parsing of Multi-line Transfer-Encoding (improper...
HackerOne Bug Bounty Disclosure: reflected-cross-site-scripting-via-swagger-uibywebcipher101
Programme HackerOne Adobe Adobe Submitted by webcipher101 webcipher101 Report Reflected Cross site scripting via Swagger UI Full Report A considerable...
HackerOne Bug Bounty Disclosure: a-malicious-admin-can-be-able-to-permanently-disable-a-owner(admin)-to-access-his-accountbydewcode91
Programme HackerOne Linktree Linktree Submitted by dewcode91 dewcode91 Report A malicious admin can be able to permanently disable a Owner(Admin)...
HackerOne Bug Bounty Disclosure: full-payment-bypass-to-use-premium-subscription-byn0_m3rcy
Programme HackerOne Krisp Krisp Submitted by n0_m3rcy n0_m3rcy Report Full payment bypass to use premium subscription. Full Report A considerable...
HackerOne Bug Bounty Disclosure: ability-to-view-non-permitted-admin-logbyimran_nisar
Programme HackerOne Lark Technologies Lark Technologies Submitted by imran_nisar imran_nisar Report Ability to View Non-Permitted Admin Log Full Report A...
HackerOne Bug Bounty Disclosure: removed-user-can-still-view-comments-on-the-file/documents-byimran_nisar
Programme HackerOne Lark Technologies Lark Technologies Submitted by imran_nisar imran_nisar Report Removed user can still view comments on the file/documents....
HackerOne Bug Bounty Disclosure: [csrf]-no-csrf-protection-against-sending-invitation-to-join-the-team-byimran_nisar
Programme HackerOne Lark Technologies Lark Technologies Submitted by imran_nisar imran_nisar Report No Csrf protection against sending invitation to join the...
HackerOne Bug Bounty Disclosure: dom-xss-at-`https://adobedocs-github-io/oae_partnerapi/?configurl={site}`-due-to-outdated-swagger-uibydreamer_eh
Programme HackerOne Adobe Adobe Submitted by dreamer_eh dreamer_eh Report DOM XSS at `https://adobedocs.github.io/OAE_PartnerAPI/?configUrl={site}` due to outdated Swagger UI Full Report...
HackerOne Bug Bounty Disclosure: idor-able-to-buy-a-plan-with-lesser-feebyug0x01
Programme HackerOne Automattic Automattic Submitted by ug0x01 ug0x01 Report IDOR able to buy a plan with lesser fee Full Report...
HackerOne Bug Bounty Disclosure: cve-2017-5929:-hyperledger—arbitrary-deserialization-of-untrusted-databymik-patient
Programme HackerOne Hyperledger Hyperledger Submitted by mik-patient mik-patient Report CVE-2017-5929: Hyperledger - Arbitrary Deserialization of Untrusted Data Full Report A...
HackerOne Bug Bounty Disclosure: xss-in-www-shopify-com/markets?utm_source=bynoblesix
Programme HackerOne Shopify Shopify Submitted by noblesix noblesix Report XSS in www.shopify.com/markets?utm_source= Full Report A considerable amount of time and...
HackerOne Bug Bounty Disclosure: found-origin-ip’s-lead-to-accessbyibrahim0936356
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by ibrahim0936356 ibrahim0936356 Report Found Origin IP's Lead To...
HackerOne Bug Bounty Disclosure: broken-access-discloses-users-and-pii-at-https://-[htus]byg4mb4
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by g4mb4 g4mb4 Report Broken access discloses users and...
HackerOne Bug Bounty Disclosure: [hta2]-receiving-access-request-on-@wearehackerone-com-email-addressbyjr0ch17
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by jr0ch17 jr0ch17 Report Receiving access request on @wearehackerone.com...
HackerOne Bug Bounty Disclosure: local-file-read-at-https:///-[htus]bysudi
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by sudi sudi Report Local file read at https:///...
HackerOne Bug Bounty Disclosure: blind-ssrf-via-image-upload-url-downloader-on-https:///by0x1int
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by 0x1int 0x1int Report Blind SSRF via image upload...
HackerOne Bug Bounty Disclosure: subdomain-takeover-at-http://-get8x8-com/bytestingforbugs
Programme HackerOne 8x8 8x8 Submitted by testingforbugs testingforbugs Report Subdomain Takeover at http://.get8x8.com/ Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: idor-leaking-pii-data-via-vendorid-parameterby0x1int
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by 0x1int 0x1int Report IDOR leaking PII data via...
HackerOne Bug Bounty Disclosure: account-takeover-on–[htus]bynightm4re
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by nightm4re nightm4re Report Account takeover on Full Report...
HackerOne Bug Bounty Disclosure: ssrf-to-read-aws-metadata-at-https:///-[htus]by720922
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by 720922 720922 Report SSRF to read AWS metaData...
