2024-11-23 |
[$505] Internet Bug Bounty: `std::process::Command` batch files argument escaping could be bypassed with trailing whitespace or periods |
hackerone.com |
|
2024-11-22 |
Mars: phpinfo() exposed on ██████████ |
hackerone.com |
|
2024-11-22 |
Mars: Upload profile photo and Pets addition - IDOR |
hackerone.com |
|
2024-11-22 |
Mars: RXSS on ████ via q parameter |
hackerone.com |
|
2024-11-21 |
Nextcloud: External storage - global credentials returned to the client side in plaintext |
hackerone.com |
|
2024-11-21 |
[$200] Acronis: DOM Based Cookie Bomb in *.acronis.com via x-clickref GET Parameter |
hackerone.com |
|
2024-11-20 |
Mozilla: csrftoken not unique to session or specific user and csrfmiddlewaretoken can be altered |
hackerone.com |
|
2024-11-20 |
[$100] Acronis: Reflected XSS in https://www.acronis.com/products/cyber-protect/trial/ |
hackerone.com |
|
2024-11-20 |
Planet Labs: Api data leak |
hackerone.com |
|
2024-11-20 |
Mars: RXSS in ███ via S parameter |
hackerone.com |
|
2024-11-20 |
Mars: sensitive data-creds for database - private key |
hackerone.com |
|
2024-11-20 |
Mars: CSRF in Delete Pet Function |
hackerone.com |
|
2024-11-20 |
Mars: Reflected XSS on formaction parameter |
hackerone.com |
|
2024-11-20 |
AWS VDP: A potential risk in the cloudFrontExtensionsConsole which can be used for privilege escalation. |
hackerone.com |
|
2024-11-19 |
[$2500] HackerOne: HackerOne support accounts organization takeover |
hackerone.com |
|
2024-11-19 |
[$2000] Cosmos: Heap-Buffer-Overread in contains_whitespace when calling parser_validate after supplying a maliciously crafted buffer to parser_parse |
hackerone.com |
|
2024-11-19 |
Nextcloud: Share information of Tables app is not limited to affected users |
hackerone.com |
|
2024-11-17 |
Omise: Open redirect Via X-Forwarded-Host |
hackerone.com |
|
2024-11-17 |
Nextcloud: Nextcloud Tables app - inserting rows to an arbitrary table possible |
hackerone.com |
|
2024-11-17 |
MTN Group: CVE-2017-9822 DotNetNuke Cookie Deserialization Remote Code Execution (RCE) on lonidoor.mtn.ci |
hackerone.com |
|
2024-11-16 |
[$500] Nextcloud: User can copy locked folders and gain access to the contents |
hackerone.com |
|
2024-11-16 |
Nextcloud: Open redirect when logging in with user_oidc |
hackerone.com |
|
2024-11-15 |
Nextcloud: Attachments folder for Text app is accessible on Files Drop/Password protected shares |
hackerone.com |
|
2024-11-15 |
[$100] Nextcloud: Mail auto configurator can be tricked into sending account information to wrong servers |
hackerone.com |
|
2024-11-15 |
MTN Group: Unauthenticated phpinfo() files could lead to file read at h3f6.n1.ips.mtn.co.ug |
hackerone.com |
|
2024-11-15 |
HackerOne: Takeover of hackerone.engineering via Medium |
hackerone.com |
|
2024-11-14 |
LinkedIn: Can see phone numbers of others by providing mail address |
hackerone.com |
|
2024-11-14 |
[$250] Doppler: Availability Impact from Exploiting Project Name Vulnerabilities |
hackerone.com |
|
2024-11-13 |
Acronis: IDOR in backup recovery functionality |
hackerone.com |
|
2024-11-08 |
Mozilla: Leakage of traffic in plaintext towards the IP address of VPN server |
hackerone.com |
|
2024-11-08 |
Mozilla: Leaking VPN traffic through non-RFC1918 local IP addresses |
hackerone.com |
|
2024-11-08 |
curl: Buffer overflow in strcpy |
hackerone.com |
|
2024-11-07 |
AWS VDP: A potential risk in the experimental-programmatic-access-ccft which can be used for privilege escalation. |
hackerone.com |
|
2024-11-06 |
curl: CVE-2024-9681: HSTS subdomain overwrites parent cache entry |
hackerone.com |
|
2024-11-06 |
[$100] Acronis: Potential XSS Vulnerability in Acronis Login Callback URL |
hackerone.com |
|
2024-11-06 |
[$100] Acronis: Potential XSS in redirect_url Parameter |
hackerone.com |
|
2024-11-06 |
curl: Exploitable Format String Vulnerability in curl_mfprintf Function |
hackerone.com |
|
2024-11-06 |
TikTok: CSRF in ticket function |
hackerone.com |
|
2024-11-05 |
Automattic: Open redirect via redirect_to parameter in tumblr.com |
hackerone.com |
|
2024-11-05 |
MacTaggart Scott: Overwrite any file of the web server |
hackerone.com |
|
2024-11-05 |
curl: When curl uses Schannel as TLS backend, it fails to enforce TLS 1.3 cipher suite selections correctly |
hackerone.com |
|
2024-11-04 |
[$1000] Basecamp: Stored XSS on trix editor version 2.1.1 |
hackerone.com |
|
2024-11-04 |
MTN Group: Social media account takeover |
hackerone.com |
|
2024-10-31 |
ProductBoard, Inc.: Insecure Invitation Link Handling |
hackerone.com |
|
2024-10-31 |
Acronis: Bypassing Recaptcha Protection in `https://connect.acronis.com` |
hackerone.com |
|
2024-10-31 |
Acronis: Blind XSS on admin.acronis.com via delete account form on account.acronis.com |
hackerone.com |
|
2024-10-31 |
[$2642] Internet Bug Bounty: ReDoS Vulnerability in HTTP Accept Headers Parsing |
hackerone.com |
|
2024-10-31 |
HackerOne: Bypassing HackerOne 2FA due to race condition |
hackerone.com |
|
2024-10-30 |
MetaMask: Missing Line Terminator on allowedOrigins enables origin spoofing |
hackerone.com |
|
2024-10-29 |
Mozilla: Information disclosure on password cancel endpoint |
hackerone.com |
|
2024-10-26 |
U.S. Dept Of Defense: Lack of rate limiting in https://███/PKI/PassReset.aspx leads to PII disclosure and potential account takeover |
hackerone.com |
|
2024-10-26 |
U.S. Dept Of Defense: Unauthenticated LFI (Local File Inclusion) using the symbol `!` At the target `https://████/` |
hackerone.com |
|
2024-10-26 |
U.S. Dept Of Defense: SQL Injection |
hackerone.com |
|
2024-10-26 |
U.S. Dept Of Defense: CVE-2020-7961 RCE Liferay Portal Unauthenticated via https://████████/ |
hackerone.com |
|
2024-10-26 |
U.S. Dept Of Defense: Pull Any Automated Record Brief |
hackerone.com |
|
2024-10-26 |
U.S. Dept Of Defense: ██████ SSN/EDPI |
hackerone.com |
|
2024-10-25 |
Hyperledger: Memory Leak in bytes_to_hexstring Function |
hackerone.com |
|
2024-10-23 |
AWS VDP: Information Disclosure Due To exposed .env file (Directory Listing) at ████████ |
hackerone.com |
|
2024-10-23 |
Endless Group: Weak Password Policy via DirectAdmin Password Change Functionality |
hackerone.com |
|
2024-10-23 |
MTN Group: Reflected XSS |
hackerone.com |
|
2024-10-23 |
MTN Group: No rate limit in OTP code sending |
hackerone.com |
|
2024-10-18 |
WordPress: Unauthenticated WordPress Database Repair DoS |
hackerone.com |
|
2024-10-18 |
Mozilla: sentry Auth Token exposed publicly in docker hub image |
hackerone.com |
|
2024-10-18 |
Mozilla: paypal client_id And stripe api key indexed on web archive |
hackerone.com |
|
2024-10-18 |
Mozilla: Race condition leads to add more than 5 email at Data breaches monitor system at https://stage.firefoxmonitor.nonprod.cloudops.mozgcp.net |
hackerone.com |
|
2024-10-18 |
Mozilla: two aws access key and secret key and database username and password exposed |
hackerone.com |
|
2024-10-18 |
Automattic: Timeline API returns private post when target of a push notification |
hackerone.com |
|
2024-10-18 |
[$4000] GitHub: Information Leakage via Clicked Link in GitHub Repository (Fingerprinting) |
hackerone.com |
|
2024-10-17 |
Sorare: Circular introspection query leading to single-request denial of service and query cost consumption on api.sorare.com/graphql |
hackerone.com |
|
2024-10-17 |
[$249] Internet Bug Bounty: fs.fchown/fchmod bypasses permission model |
hackerone.com |
|
2024-10-15 |
Enjin: Host header injection leads to account takeover |
hackerone.com |
|
2024-10-15 |
Enjin: Race Condition on Create API Function |
hackerone.com |
|
2024-10-14 |
Rocket.Chat: IDOR vulnerability leads to Deleting message after leaving/getting banned from group using message ID |
hackerone.com |
|
2024-10-14 |
[$25000] GitHub: SAML Signature verification bypass allows logging into any user (with specific conditions) |
hackerone.com |
|
2024-10-14 |
GitLab: DOS: taking down a 1k users Gitlab EE instance or multiple Sidekiq instances by importing a malicious repo from a Github EE self-hosted server |
hackerone.com |
|
2024-10-14 |
GitLab: Subdomain takeover in Gitlab pages |
hackerone.com |
|
2024-10-14 |
MTN Group: Remote code execution [CVE-2023-36845] |
hackerone.com |
|
2024-10-14 |
[$2000] inDrive: Change phone number OTP flaw leads to any phone number takeover |
hackerone.com |
|
2024-10-14 |
Ruby on Rails: Path traversal in ActiveStorage, leading to RCE |
hackerone.com |
|
2024-10-14 |
Ruby on Rails: Sauce Labs API key unencrypted in an old commit |
hackerone.com |
|
2024-10-14 |
[$1060] GitLab: HTML injection possible with soft email confirmations when Administrator manually confirms attacker email address |
hackerone.com |
|
2024-10-14 |
GitLab: Maintainer can leak sentry token by changing the configured URL (fix bypass) |
hackerone.com |
|
2024-10-14 |
GitLab: ReDoS due to device-detector parsing user agents |
hackerone.com |
|
2024-10-14 |
Mozilla: User API Key leakage in Github commit leads to unauthorized access to sql.telemetry.mozilla.org |
hackerone.com |
|
2024-10-14 |
MTN Group: IDOR at mtnmobad.mtnbusiness.com.ng leads to PII leakage. |
hackerone.com |
|
2024-10-14 |
MTN Group: Reflected XSS in https://nin.mtn.ng/nin/success?message=lol&nin=<VULNERABLE> |
hackerone.com |
|
2024-10-14 |
AWS VDP: External service interaction (HTTP) |
hackerone.com |
|
2024-10-14 |
IBM: SSRF via host header let access localhost via https://go.dialexa.com |
hackerone.com |
|
2024-10-14 |
TikTok: Stored-XSS-ads.tiktok.com |
hackerone.com |
|
2024-10-14 |
[$100] GitLab: Remove obsolete domain from handbook subdomain |
hackerone.com |
|
2024-10-14 |
IBM: IBM OpenPages vulnerable to exposure of sensitive information |
hackerone.com |
|
2024-10-14 |
Ruby on Rails: XSS when using `translate` in Action Controller (Rails 7.0, 7.1) |
hackerone.com |
|
2024-10-14 |
[$150] Mattermost: Posts sent via websockets aren't sanitized properly |
hackerone.com |
|
2024-10-14 |
[$1160] GitLab: IDOR Exposes All Machine Learning Models |
hackerone.com |
|
2024-10-14 |
Rocket.Chat: The initial E2EE password generated by Rocket.Chat mobile can be recovered in a practical timescale. |
hackerone.com |
|
2024-10-14 |
Nintendo: [Switch, PIA/MK8DX] Stack buffer overflow and potential RCE in PIA (LAN/LDN, possibly NEX) room info deserialization |
hackerone.com |
|
2024-10-14 |
[$600] Acronis: PUT Based CSRF via Client Side Path Traversal + Cookie Bomb on Acronis Cloud |
hackerone.com |
|
2024-09-18 |
[$10000] GitHub: Management Console Editor Privilege Escalation to Root SSH Access in GitHub Enterprise Server via RCE in ghe-update-check |
hackerone.com |
|
2024-09-18 |
[$4000] GitHub: RC Between GitHub's Repo Update REST API and updateTeamsRepository GraphQL Mutation Results in Covert and Persistent Admin Access Retention |
hackerone.com |
|