readme.md

January 20, 2023 · View on GitHub

Title

Sensitive Information Leaking Through DARPA Website. [█████████]

URL

https://hackerone.com/reports/805027

Severity score

null

Reporter

rootuser

Bounty paid

null

Title

Admin Salt Leakage on DoD site.

URL

https://hackerone.com/reports/241116

Severity score

null

Reporter

mr_r3boot

Bounty paid

null

Title

Possible Subdomain Takeover

URL

https://hackerone.com/reports/233402

Severity score

null

Reporter

z3t

Bounty paid

null

Title

Improper integrity protection of server-side encryption keys

URL

https://hackerone.com/reports/732431

Severity score

7.4

Reporter

yahe

Bounty paid

null

Title

Partial password leak over DNS on HTTP redirect

URL

https://hackerone.com/reports/874778

Severity score

5.5

Reporter

mszpl

Bounty paid

$400

Title

Sensitive Information Leaking Through DoD Owned Website. [██████████]

URL

https://hackerone.com/reports/806213

Severity score

null

Reporter

rootuser

Bounty paid

null

Title

China - Leaked credentials permitted a limited ability to create Starbucks coupons and cards

URL

https://hackerone.com/reports/766770

Severity score

8.8

Reporter

neweq

Bounty paid

null

Title

Uninstalling Slack for Windows (64-bit), then reinstalling keeps you logged in without authentication

URL

https://hackerone.com/reports/238260

Severity score

null

Reporter

pclinger

Bounty paid

$500

Title

h1-202 leaderboard photo discloses local wifi password

URL

https://hackerone.com/reports/329798

Severity score

4.7

Reporter

0x0g

Bounty paid

$500

Title

Form Replay in customer information form

URL

https://hackerone.com/reports/411620

Severity score

null

Reporter

imran_nazir

Bounty paid

$300

Title

kubeadm logs tokens before deleting them

URL

https://hackerone.com/reports/972561

Severity score

3.4

Reporter

mlevesquedion

Bounty paid

$200

Title

Improper confidentiality protection of server-side encryption keys

URL

https://hackerone.com/reports/743505

Severity score

5.3

Reporter

yahe

Bounty paid

null

Title

“email” MFA mode allows bypassing MFA from victim’s device when the device trust is not expired

URL

https://hackerone.com/reports/665722

Severity score

null

Reporter

l1nkworld

Bounty paid

$2,500

Title

Account takeover intercepting magic link for Arrive app

URL

https://hackerone.com/reports/855618

Severity score

null

Reporter

nsl182

Bounty paid

$500

Title

Exposed FTP Credentials on ███████

URL

https://hackerone.com/reports/235216

Severity score

null

Reporter

z3t

Bounty paid

null