bug bounty

Bug Bounty

BugCrowd Bug Bounty Disclosure: P3 – Stored XSS [doi.gov/iacb/indian-arts-and-crafts-board-potential-violation-report ] – By Xml_

April 25, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: P1 – HTTP Desync Attack (Request Smuggling) – Mass Session Hijacking – By AnkitSingh

April 25, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: P5 – Lack of Security Headers – By F_Robot

April 25, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: P4 – html injection in [https://edoiu.doi.gov/login/signup.php] – By CryptoKnight028

April 25, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: P3 – Subdomain Takeover for rtncf-rci.ral.r4.fws.gov – By thelicato

April 25, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: P2 – Privilege Escalation of Publisher Account due to IDOR – By AlWaYsHuNt

April 25, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: P3 – Able to change other publishers’ payment details – By AlWaYsHuNt

April 25, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: P1 – RCE in Bitbucket DataCenter via HazelCastPort – By SnowyOwl

April 25, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: P5 – Broken Access Control Issue. – By jeetbhdr

April 25, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: P3 – postMessage XSS in Tesla Payment page – By TheTime

April 25, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: P4 – Xss on – employers.indeed.com – By ig420_vrush

April 25, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: P5 – Information Disclosure via url tampering – By murderfalcon

April 25, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: P4 – #2 BLIND XSS ON CONTACT PAGE .doi.gov/contact-us – By Msjsoi323_

April 25, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: P1 – Log4Shell (CVE-2021-44228) – By aminei

April 25, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: P5 – Information exposure through Directory Listing – By jaibalaji

April 25, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: P5 – CSRF Leads to Logout any Loggedin user from their session – By DeadSniper

April 25, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: P5 – Clickjack Bug in Website – By ethicalpanther

April 25, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

HackerOne Bug Bounty Disclosure: attacker-can-bypass-authentication-build-on-ingress-external-auth-(`nginx-ingress-kubernetes-io/auth-url`)bythisbug

April 23, 2022

Programme HackerOne Kubernetes Kubernetes Submitted by thisbug thisbug Report Attacker can bypass authentication build on ingress external auth (`nginx.ingress.kubernetes.io/auth-url`) Full...

bug bounty

BugCrowd Bug Bounty Disclosure: P3 – Stored XSS [doi.gov/iacb/indian-arts-and-crafts-board-potential-violation-report ] – By Xml_

BugCrowd Bug Bounty Disclosure: P1 – HTTP Desync Attack (Request Smuggling) – Mass Session Hijacking – By AnkitSingh

BugCrowd Bug Bounty Disclosure: P5 – Lack of Security Headers – By F_Robot

BugCrowd Bug Bounty Disclosure: P4 – html injection in [https://edoiu.doi.gov/login/signup.php] – By CryptoKnight028

BugCrowd Bug Bounty Disclosure: P3 – Subdomain Takeover for rtncf-rci.ral.r4.fws.gov – By thelicato

BugCrowd Bug Bounty Disclosure: P2 – Privilege Escalation of Publisher Account due to IDOR – By AlWaYsHuNt

BugCrowd Bug Bounty Disclosure: P3 – Able to change other publishers’ payment details – By AlWaYsHuNt

BugCrowd Bug Bounty Disclosure: P1 – RCE in Bitbucket DataCenter via HazelCastPort – By SnowyOwl

BugCrowd Bug Bounty Disclosure: P5 – Broken Access Control Issue. – By jeetbhdr

BugCrowd Bug Bounty Disclosure: P3 – postMessage XSS in Tesla Payment page – By TheTime

BugCrowd Bug Bounty Disclosure: P4 – Xss on – employers.indeed.com – By ig420_vrush

BugCrowd Bug Bounty Disclosure: P5 – Information Disclosure via url tampering – By murderfalcon

BugCrowd Bug Bounty Disclosure: P4 – #2 BLIND XSS ON CONTACT PAGE .doi.gov/contact-us – By Msjsoi323_

BugCrowd Bug Bounty Disclosure: P1 – Log4Shell (CVE-2021-44228) – By aminei

BugCrowd Bug Bounty Disclosure: P5 – Information exposure through Directory Listing – By jaibalaji

BugCrowd Bug Bounty Disclosure: P5 – CSRF Leads to Logout any Loggedin user from their session – By DeadSniper

BugCrowd Bug Bounty Disclosure: P5 – Clickjack Bug in Website – By ethicalpanther

HackerOne Bug Bounty Disclosure: attacker-can-bypass-authentication-build-on-ingress-external-auth-(`nginx-ingress-kubernetes-io/auth-url`)bythisbug

HackerOne Bug Bounty Disclosure: bypass-of-fix-#1370749byencryptsaan123

Bug Bounty API Key Testing CheatSheet

GitHub Increases Bug Bounty Program Rewards

[APT73] – Ransomware Victim: www[.]fpj[.]com[.]py

[HUNTERS] – Ransomware Victim: Horsa

CVE Alert: CVE-2024-52498

CVE Alert: CVE-2024-52499

CVE Alert: CVE-2024-52501

You may have missed