HackerOne Bug Bounty Disclosure: self-xss-in-attachments-namebymega7
Programme HackerOne Acronis Acronis Submitted by mega7 mega7 Report Self XSS in attachments name Full Report
bug bounty
HackerOne Bug Bounty Disclosure: users-who-are-restricted-to-use-the-application-because-of-a-“waiting-list”-are-able-to-get-access-to-the-beta-application-by-bypassing-the-waitlistbydarkknight4688
Programme HackerOne Alohi Alohi Submitted by darkknight4688 darkknight4688 Report Users who are restricted to use the application because of a...
HackerOne Bug Bounty Disclosure: control-character-filtering-misses-leading-and-trailing-whitespace-in-file-and-folder-namesbydavid_h1
Programme HackerOne Nextcloud Nextcloud Submitted by david_h1 david_h1 Report Control character filtering misses leading and trailing whitespace in file and...
HackerOne Bug Bounty Disclosure: notification-implicit-pendingintent-in-com-nextcloud-client-allows-to-access-contactsbyqj_test
Programme HackerOne Nextcloud Nextcloud Submitted by qj_test qj_test Report Notification implicit PendingIntent in com.nextcloud.client allows to access contacts Full Report
HackerOne Bug Bounty Disclosure: [urgent]-critical-vulnerability-[rce]-on–vulnerable-to-remote-code-execution-by-exploiting-ms15-034,-cve-2015-1635byashutosh7
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by ashutosh7 ashutosh7 Report Critical Vulnerability on vulnerable to...
HackerOne Bug Bounty Disclosure: read-other-users-reports-through-cloningbyhollaatm3
Programme HackerOne U.S. General Services Administration U.S. General Services Administration Submitted by hollaatm3 hollaatm3 Report Read Other Users Reports Through...
HackerOne Bug Bounty Disclosure: cross-site-scripting-on-dashboard2-omise-cobyoblivionlight
Programme HackerOne Omise Omise Submitted by oblivionlight oblivionlight Report Cross-site scripting on dashboard2.omise.co Full Report
HackerOne Bug Bounty Disclosure: [com-exness-android-pa-android]-universal-xss-in-webview–lead-to-steal-user-cookiesbynearsecurity
Programme HackerOne EXNESS EXNESS Submitted by nearsecurity nearsecurity Report Universal XSS in webview. Lead to steal user cookies Full Report
HackerOne Bug Bounty Disclosure: arbitrary-post-request-as-victim-user-from-html-injection-in-jupyter-notebooksbyjoaxcar
Programme HackerOne GitLab GitLab Submitted by joaxcar joaxcar Report Arbitrary POST request as victim user from HTML injection in Jupyter...
HackerOne Bug Bounty Disclosure: clickjacking-at–app-lemlist-combyondermedia
Programme HackerOne lemlist lemlist Submitted by ondermedia ondermedia Report Clickjacking at app.lemlist.com Full Report
HackerOne Bug Bounty Disclosure: sensitive-files/-data-exists–post-deletion-of-user-accountbygeekysherlock
Programme HackerOne Nextcloud Nextcloud Submitted by geekysherlock geekysherlock Report Sensitive files/ data exists post deletion of user account Full Report
HackerOne Bug Bounty Disclosure: error-in-deleting-deck-cards-attachment-reveals-the-full-path-of-the-websitebyctulhu
Programme HackerOne Nextcloud Nextcloud Submitted by ctulhu ctulhu Report Error in Deleting Deck cards attachment reveals the full path of...
HackerOne Bug Bounty Disclosure: nextcloud-deck-:-possibility-for-anyone-to-add-a-stack-with-existing-tasks-on-anyone’s-boardbysupr4s
Programme HackerOne Nextcloud Nextcloud Submitted by supr4s supr4s Report Nextcloud Deck : Possibility for anyone to add a stack with...
HackerOne Bug Bounty Disclosure: stored-xss-in-repository-file-viewerbykannthu
Programme HackerOne GitLab GitLab Submitted by kannthu kannthu Report Stored XSS in repository file viewer Full Report
HackerOne Bug Bounty Disclosure: email-html-injectionbysmitgharat0001
Programme HackerOne Slack Slack Submitted by smitgharat0001 smitgharat0001 Report Email html Injection Full Report
HackerOne Bug Bounty Disclosure: xss-and-iframe-injection-on-tiktok-ads-portal-using-redirect-paramsbycancerz
Programme HackerOne TikTok TikTok Submitted by cancerz cancerz Report XSS and iframe injection on tiktok ads portal using redirect params...
HackerOne Bug Bounty Disclosure: conduit-feed-publish-api-allows-you-to-spoof-other-users-or-make-it-look-like-you-have-access-to-a-restricted-objectbydyls
Programme HackerOne Phabricator Phabricator Submitted by dyls dyls Report Conduit feed.publish API allows you to spoof other users or make...
HackerOne Bug Bounty Disclosure: integer-overflow-vulnerabilityby0f1c3r
Programme HackerOne Glovo Glovo Submitted by 0f1c3r 0f1c3r Report Integer overflow vulnerability Full Report
HackerOne Bug Bounty Disclosure: [app-lemlist-com]-improper-handling-of-payment-lead-to-bypass-paymentbyomarelfarsaoui
Programme HackerOne lemlist lemlist Submitted by omarelfarsaoui omarelfarsaoui Report Improper handling of payment lead to bypass payment Full Report
HackerOne Bug Bounty Disclosure: http-request-smuggling-in-transform-rules-using-hexadecimal-escape-sequences-in-the-concat()-functionbyalbertspedersen
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by albertspedersen albertspedersen Report HTTP Request Smuggling in Transform...
HackerOne Bug Bounty Disclosure: site-information’s-display-name-section-vulnerable-for-xss-attacks-and-html-injections-bysawrav-chowdhury
Programme HackerOne Automattic Automattic Submitted by sawrav-chowdhury sawrav-chowdhury Report Site information's Display Name section vulnerable for XSS attacks and HTML...
HackerOne Bug Bounty Disclosure: cve-2022-27781:-certinfo-never-ending-busy-loopbysybr
Programme HackerOne curl curl Submitted by sybr sybr Report CVE-2022-27781: CERTINFO never-ending busy-loop Full Report
HackerOne Bug Bounty Disclosure: security-misconfigurationbymr23r0
Programme HackerOne lemlist lemlist Submitted by mr23r0 mr23r0 Report Security misconfiguration Full Report
HackerOne Bug Bounty Disclosure: origin-ip-found,-waf-cloudflare-bypassbymrrobot2050
Programme HackerOne SMTP2GO BBP SMTP2GO BBP Submitted by mrrobot2050 mrrobot2050 Report Origin IP found, WAF Cloudflare Bypass Full Report
