readme.md
January 20, 2023 · View on GitHub
Title
Access Projects And create projects in gitlab pre production server
URL
https://hackerone.com/reports/540711
Severity score
null
Reporter
uzsunnyz
Bounty paid
$1,000
Title
SSN leak due to editable slides
URL
https://hackerone.com/reports/693943
Severity score
null
Reporter
alyssa_herrera
Bounty paid
null
Title
PII Leak (such as CAC User ID) at https://████████/pages/login.aspx
URL
https://hackerone.com/reports/900137
Severity score
null
Reporter
pi_hunter50
Bounty paid
null
Title
Web cache poisoning attack leads to user information and more
URL
https://hackerone.com/reports/492841
Severity score
8.2
Reporter
davidalbert
Bounty paid
$500
Title
Public available Sensitive Information about drivers
URL
https://hackerone.com/reports/756833
Severity score
0
Reporter
krupnikas
Bounty paid
null
Title
PulseSSL VPN Site with Compromised Creds @ ████
URL
https://hackerone.com/reports/854049
Severity score
null
Reporter
r00tpgp
Bounty paid
null
Title
Database read through provider misconfiguration
URL
https://hackerone.com/reports/882475
Severity score
6.8
Reporter
kanytu
Bounty paid
$1,000
Title
Insecure Storage and Overly Permissive Google Maps API Key in Android App
URL
https://hackerone.com/reports/488371
Severity score
6.1
Reporter
bitsscrambler
Bounty paid
$150
Title
Leaking sensitive information lead to compromise employer API keys
URL
https://hackerone.com/reports/273630
Severity score
null
Reporter
xsam
Bounty paid
$300
Title
Previously Compromised PulseSSL VPN Hosts
URL
https://hackerone.com/reports/852713
Severity score
null
Reporter
r00tpgp
Bounty paid
null
Title
Логирование ответов запросов VK API в приложении Клевер
URL
https://hackerone.com/reports/475177
Severity score
null
Reporter
norver
Bounty paid
$300
Title
Chaining Bugs: Leakage of CSRF token which leads to Stored XSS and Account Takeover (xs1.tribalwars.cash)
URL
https://hackerone.com/reports/604120
Severity score
7.1
Reporter
batee5a
Bounty paid
$1,100
Title
Online training material disclosing username and password
URL
https://hackerone.com/reports/672629
Severity score
null
Reporter
scraps
Bounty paid
null
Title
Sensitive information exposure via git commit
URL
https://hackerone.com/reports/902064
Severity score
null
Reporter
woj_ciech
Bounty paid
$150
Title
Private files exposed to other apps
URL
https://hackerone.com/reports/838587
Severity score
7.3
Reporter
kanytu
Bounty paid
$1,000
Title
[h1-2006 2020] Chained vulnerabilities lead to account takeover
URL
https://hackerone.com/reports/895650
Severity score
null
Reporter
kanytu
Bounty paid
null
Title
Publicly accessible Order confirmations leaking User Emails on ███
URL
https://hackerone.com/reports/323992
Severity score
null
Reporter
alyssa_herrera
Bounty paid
null
Title
██████████ bruteforceable RIC Codes allowing information on contracts
URL
https://hackerone.com/reports/647409
Severity score
null
Reporter
alyssa_herrera
Bounty paid
null
Title
Internal IP addresses range and AWS cluster region leaked in a Github repository
URL
https://hackerone.com/reports/877303
Severity score
null
Reporter
njaysec
Bounty paid
null
Title
PII leakage-Full SSN on ███
URL
https://hackerone.com/reports/644358
Severity score
null
Reporter
alyssa_herrera
Bounty paid
null
Title
Insecure Logging - OWASP (2016-M2)
URL
https://hackerone.com/reports/700624
Severity score
4.3
Reporter
iamsahana
Bounty paid
$400
Title
Partial SSN exposed through Presentation slides on ██████████
URL
https://hackerone.com/reports/665144
Severity score
null
Reporter
alyssa_herrera
Bounty paid
null
Title
Veracode and security audit record are publicly available
URL
https://hackerone.com/reports/669365
Severity score
null
Reporter
laxe
Bounty paid
null
Title
PII Leak via https://████████
URL
https://hackerone.com/reports/808338
Severity score
null
Reporter
un4gi
Bounty paid
null