HackerOne Bug Bounty Disclosure: any-expired-reset-password-link-can-still-be-used-to-reset-the-passwordbymrccrqr
Programme HackerOne Acronis Acronis Submitted by mrccrqr mrccrqr Report Any expired reset password link can still be used to reset...
bug bounty
HackerOne Bug Bounty Disclosure: api-key-reported-in-#1465145-not-rotated-and-thus-is-still-valid-and-can-be-used-by-anyonebyaneeeketh
Programme HackerOne Adobe Adobe Submitted by aneeeketh aneeeketh Report API Key reported in #1465145 not rotated and thus is still...
BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: blind-ssrf-on-platform-dash-cloudflare-com-due-to-sentry-misconfigurationbylohigowda
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by lohigowda lohigowda Report Blind SSRF on platform.dash.cloudflare.com Due...
HackerOne Bug Bounty Disclosure: cve-2022-35252:-control-code-in-cookie-denial-of-servicebyhaxatron1
Programme HackerOne curl curl Submitted by haxatron1 haxatron1 Report CVE-2022-35252: control code in cookie denial of service Full Report A...
HackerOne Bug Bounty Disclosure: enable-2fa-verification-without-verifying-email-leads-account-takeoverbymotu-vai
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by motu-vai motu-vai Report Enable 2Fa verification without verifying...
BugCrowd Bug Bounty Disclosure: – Html injection in Send email to recipient – By rynexx
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: pause-based-desync-in-apache-httpdbyalbinowax
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by albinowax albinowax Report Pause-based desync in Apache HTTPD Full Report...
HackerOne Bug Bounty Disclosure: default-login-credentials-on-https://broadbandmaps-mtn-com-gh/bytheranger
Programme HackerOne MTN Group MTN Group Submitted by theranger theranger Report Default Login Credentials on https://broadbandmaps.mtn.com.gh/ Full Report A considerable...
HackerOne Bug Bounty Disclosure: unauthorized-accessbymega7
Programme HackerOne GitLab GitLab Submitted by mega7 mega7 Report Unauthorized access Full Report A considerable amount of time and effort...
HackerOne Bug Bounty Disclosure: non-revoked-api-key-information-disclosure-via-stripo_report()bydeb0con
Programme HackerOne Stripo Inc Stripo Inc Submitted by deb0con deb0con Report Non-revoked API Key Information disclosure via Stripo_report() Full Report...
HackerOne Bug Bounty Disclosure: support-invisionpower-com-takeover-the-subdomain-with-zendeskbyfthacker101
Programme HackerOne Invision Power Services, Inc. Invision Power Services, Inc. Submitted by fthacker101 fthacker101 Report support.invisionpower.com takeover the subdomain with...
HackerOne Bug Bounty Disclosure: golang-expvar-information-disclosurebymustafa_farrag
Programme HackerOne Uber Uber Submitted by mustafa_farrag mustafa_farrag Report Golang expvar Information Disclosure Full Report A considerable amount of time...
BugCrowd Bug Bounty Disclosure: – XSS via Google Drive – https://www.indeed.jobs/career/Profile – By CGuillaume
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – No Rate Limiting on resend email option when signing up for an account – By CyberKey
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Self XSS on my.indeed.com affecting multiple input fields – By iman122
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – XSS via file name – https://sms.indeed.com/signup/signage-details/ – By CGuillaume
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Asana Desktop Application Includes Personal Access Token – By lauritz
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Email HTML Injection at https://baito.indeed.com – By danibhai
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Reflected XSS in https://www.indeed.com/career-advice/ – By cr00k
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Publisher owner doesn’t able to delete low privilege user – By AlWaYsHuNt
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – xss – By Ramesh_Kumar
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – No DMARC Record Found – By sujan_shetty
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Xss in resume – By Saidul_islam
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
