HackerOne Bug Bounty Disclosure: cve-2022-32206:-http-compression-denial-of-servicebynyymi
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-32206: HTTP compression denial of service Full Report
bug bounty
HackerOne Bug Bounty Disclosure: api-docs-expose-an-active-token-for-the-sample-domain-theburritobot-combysainaen
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by sainaen sainaen Report API docs expose an active...
HackerOne Bug Bounty Disclosure: sign-in-with-apple-generates-long-life-jwts,-seemingly-irrevocable,-that-grant-immediate-access-to-accountsbymattipv4
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by mattipv4 mattipv4 Report Sign in with Apple generates...
HackerOne Bug Bounty Disclosure: credential-leak-when-use-two-urlbychen172
Programme HackerOne curl curl Submitted by chen172 chen172 Report Credential leak when use two url Full Report
HackerOne Bug Bounty Disclosure: cve-2022-32207:-unpreserved-file-permissionsbynyymi
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-32207: Unpreserved file permissions Full Report
HackerOne Bug Bounty Disclosure: http-request-smuggling-with-origin-rules-using-newlines-in-the-host_header-action-parameterbyalbertspedersen
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by albertspedersen albertspedersen Report HTTP request smuggling with Origin...
HackerOne Bug Bounty Disclosure: able-to-approve-admin-approval-and-change-effective-status-without-adding-payment-details–bybisesh
Programme HackerOne Reddit Reddit Submitted by bisesh bisesh Report Able to approve admin approval and change effective status without adding...
HackerOne Bug Bounty Disclosure: admin-authentication-bypass-lead-to-admin-account-takeoverby7odamo
Programme HackerOne UPS VDP UPS VDP Submitted by 7odamo 7odamo Report Admin Authentication Bypass Lead to Admin Account Takeover Full...
HackerOne Bug Bounty Disclosure: authentication-csrf-resulting-in-unauthorized-account-access-on-krisp-appbyyassineaboukir
Programme HackerOne Krisp Krisp Submitted by yassineaboukir yassineaboukir Report Authentication CSRF resulting in unauthorized account access on Krisp app Full...
HackerOne Bug Bounty Disclosure: add-more-seats-by-paying-less-via-put-/v2/seats-request-manipulationbylife__001
Programme HackerOne Krisp Krisp Submitted by life__001 life__001 Report Add more seats by paying less via PUT /v2/seats request manipulation...
BugCrowd Bug Bounty Disclosure: P1 – Asana Desktop Application Includes Personal Access Token – By lauritz
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: csrf-(protection-bypassed)-to-force-a-below-18-user-into-viewing-an-nsfw-subreddit-!bymarvelmaniac
Programme HackerOne Reddit Reddit Submitted by marvelmaniac marvelmaniac Report CSRF (protection bypassed) to force a below 18 user into viewing...
HackerOne Bug Bounty Disclosure: stored-xss-on-tiktok-live-formbyaidilarf_2000
Programme HackerOne TikTok TikTok Submitted by aidilarf_2000 aidilarf_2000 Report Stored XSS on TikTok Live Form Full Report
HackerOne Bug Bounty Disclosure: curl-“globbing”-can-lead-to-denial-of-service-attacksbyiylz
Programme HackerOne curl curl Submitted by iylz iylz Report curl "globbing" can lead to denial of service attacks Full Report
HackerOne Bug Bounty Disclosure: golang-:-hardcoded-secret-used-for-signing-jwtbyporcupineyhairs
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by porcupineyhairs porcupineyhairs Report Golang : Hardcoded secret used for signing...
HackerOne Bug Bounty Disclosure: golang-:-add-query-to-detect-pam-authorization-bugsbyporcupineyhairs
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by porcupineyhairs porcupineyhairs Report Golang : Add Query To Detect PAM...
HackerOne Bug Bounty Disclosure: cpp:-add-query-for-cwe-243-creation-of-chroot-jail-without-changing-working-directorybyihsinme
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by ihsinme ihsinme Report CPP: Add query for CWE-243 Creation of...
HackerOne Bug Bounty Disclosure: hyper-link-injection-while-signupby011alsanosi
Programme HackerOne UPchieve UPchieve Submitted by 011alsanosi 011alsanosi Report Hyper Link Injection while signup Full Report
