readme.md

Title

Remote Code Execution through Deserialization Attack in OwnBackup app.

URL

https://hackerone.com/reports/562335

Severity score

null

Reporter

q3rv0

Bounty paid

null

---

Title

Deserialization of Untrusted Data in www/delivery/dxmlrpc.php

URL

https://hackerone.com/reports/542670

Severity score

10

Reporter

mbeccati

Bounty paid

null

---

Title

Remote Code Execution (RCE) in a Sony Pictures WebSystem

URL

https://hackerone.com/reports/330028

Severity score

10

Reporter

joaomatosf

Bounty paid

null

---

Title

2 vulnerabilities of arbitrary code in ████████ - CVE-2017-5929

URL

https://hackerone.com/reports/272979

Severity score

null

Reporter

ruffdraft

Bounty paid

null

---

Title

Vanilla Forums Gdn_Format unserialize() Remote Code Execution Vulnerability

URL

https://hackerone.com/reports/407552

Severity score

9.1

Reporter

mr_me

Bounty paid

$600

---

Title

Remote code execution by hijacking an unclaimed S3 bucket in Rocket.Chat's installation script.

URL

https://hackerone.com/reports/399166

Severity score

null

Reporter

edoverflow

Bounty paid

null

---

Title

Authenticated Code Execution through Phar deserialization in CSV Importer as Shop manager in WooCommerce

URL

https://hackerone.com/reports/403083

Severity score

null

Reporter

simonscannell

Bounty paid

$350

---

Title

Unsafe deserialization in Libera Pay allows to escalate a SQL injection to Remote Command Execution

URL

https://hackerone.com/reports/361341

Severity score

null

Reporter

kapytein

Bounty paid

null

---

Title

Deserialization of Untrusted Data in www/delivery/adxmlrpc.php

URL

https://hackerone.com/reports/512076

Severity score

9.1

Reporter

mbeccati

Bounty paid

null

---

Title

Remote Code Execution via CVE-2019-18935

URL

https://hackerone.com/reports/913695

Severity score

null

Reporter

un4gi

Bounty paid

null

---

Title

Attacker can add arbitrary data to the blockchain without paying gas

URL

https://hackerone.com/reports/396954

Severity score

9.3

Reporter

ahook

Bounty paid

$10,000

---

Title

Remote Code Execution via Insecure Deserialization in Telerik UI

URL

https://hackerone.com/reports/838196

Severity score

null

Reporter

sw33tlie

Bounty paid

null

---

Title

CTF Writeup flag{cha1n1ng_bugs_f0r_fun_4nd_pr0f1t?_or_rep0rt_an_LF1}

URL

https://hackerone.com/reports/415275

Severity score

null

Reporter

den1al

Bounty paid

null

---

Title

Remote Code Execution (RCE) in a Sony WebSystem

URL

https://hackerone.com/reports/329572

Severity score

10

Reporter

joaomatosf

Bounty paid

null

---

Title

Unrestricted File Upload in Chat Window

URL

https://hackerone.com/reports/826288

Severity score

null

Reporter

ravi2443

Bounty paid

null

---

Title

Untrusted strings that are cache fetched with raw option are automatically marshal loaded

URL

https://hackerone.com/reports/413388

Severity score

null

Reporter

dylan-ts

Bounty paid

null

---

Title

Unsafe deserialization in Nexus Repository helm plugin

URL

https://hackerone.com/reports/917843

Severity score

null

Reporter

c0d3p1ut0s

Bounty paid

null

---

Title

Remote attacker can impersonate Social users via ActivityPub API

URL

https://hackerone.com/reports/461308

Severity score

null

Reporter

tomk

Bounty paid

$50

---

Title

Remote code execution on rubygems.org

URL

https://hackerone.com/reports/274990

Severity score

null

Reporter

max

Bounty paid

$1,500

---

Title

Remote Code Execution (RCE) in a DoD website

URL

https://hackerone.com/reports/329399

Severity score

null

Reporter

joaomatosf

Bounty paid

null

---

Title

Vanilla Forums Xenforo password splitHash Unserialize Remote Code Execution Vulnerability

URL

https://hackerone.com/reports/410212

Severity score

8

Reporter

mr_me

Bounty paid

$300

---

Title

Password reset Token not expiring

URL

https://hackerone.com/reports/220185

Severity score

null

Reporter

peeper35

Bounty paid

null

---

Title

Vanilla Forums ImportController index file_exists Unserialize Remote Code Execution Vulnerability

URL

https://hackerone.com/reports/410237

Severity score

9.1

Reporter

mr_me

Bounty paid

$600

---

Title

Remote Code Execution (RCE) in a DoD website

URL

https://hackerone.com/reports/329400

Severity score

null

Reporter

joaomatosf

Bounty paid

null

---

Title

Vanilla Forums domGetImages getimagesize Unserialize Remote Code Execution Vulnerability (critical)

URL

https://hackerone.com/reports/410882

Severity score

9.8

Reporter

mr_me

Bounty paid

$600

---

Title

Remote Code Execution (RCE) in a DoD website

URL

https://hackerone.com/reports/329376

Severity score

null

Reporter

joaomatosf

Bounty paid

null

---

Title

Remote Code Execution (RCE) in a DoD website

URL

https://hackerone.com/reports/329397

Severity score

null

Reporter

joaomatosf

Bounty paid

null

---