readme.md

January 20, 2023 · View on GitHub

Title

Solr Injection in user_id parameter at :/v2/leaderboard_v2.json

URL

https://hackerone.com/reports/952501

Severity score

9.1

Reporter

zzzhacker13

Bounty paid

$2,000


Title

SQL Injection Vulnerability in Concrete5 version 5.7.3.1

URL

https://hackerone.com/reports/59664

Severity score

null

Reporter

egix

Bounty paid

null


Title

[express-cart] Customer and admin email enumeration through MongoDB injection

URL

https://hackerone.com/reports/397445

Severity score

8.2

Reporter

becojo

Bounty paid

null


Title

Multiple Vulnerabilities in Oracle Webcenter Sites (/cs/Satellite)

URL

https://hackerone.com/reports/199082

Severity score

8.3

Reporter

teemuk

Bounty paid

$600


Title

SQL Injection on www.██████████ on countID parameter

URL

https://hackerone.com/reports/390879

Severity score

null

Reporter

0_1vitthal

Bounty paid

null


Title

SQL Injection vulnerability in a DoD website

URL

https://hackerone.com/reports/192079

Severity score

null

Reporter

korprit

Bounty paid

null


Title

SQL Injection in lapsuudenturva (viestinta.lahitapiola.fi)

URL

https://hackerone.com/reports/191146

Severity score

null

Reporter

sandh0t

Bounty paid

$1,350


Title

Blind SQL Injection on starbucks.com.gt and WAF Bypass :*

URL

https://hackerone.com/reports/549355

Severity score

null

Reporter

d3417_

Bounty paid

$500


Title

SQL Injection

URL

https://hackerone.com/reports/23014

Severity score

null

Reporter

yappare

Bounty paid

null


Title

[tidaltrek.mail.ru] SQL Injection

URL

https://hackerone.com/reports/142479

Severity score

null

Reporter

konqi

Bounty paid

$150


Title

SQLi on http://sports.yahoo.com/nfl/draft

URL

https://hackerone.com/reports/1538

Severity score

null

Reporter

stefanofinding

Bounty paid

$3,705


Title

[SQLI ]Time Bassed Injection at ██████████ via referer header

URL

https://hackerone.com/reports/995122

Severity score

null

Reporter

yassinek3ch

Bounty paid

null


Title

Blind SQL INJ

URL

https://hackerone.com/reports/115304

Severity score

null

Reporter

pentesters

Bounty paid

null


Title

████████ SQL

URL

https://hackerone.com/reports/381771

Severity score

null

Reporter

manshum12

Bounty paid

null


Title

Time Based SQL injection in url parameter

URL

https://hackerone.com/reports/144359

Severity score

null

Reporter

anony-123

Bounty paid

null


Title

SQL Injection vulnerability in a DoD website

URL

https://hackerone.com/reports/201512

Severity score

null

Reporter

alyssa_herrera

Bounty paid

null


Title

[orsotenslimselfie.lady.mail.ru] SQL Injection

URL

https://hackerone.com/reports/115291

Severity score

null

Reporter

konqi

Bounty paid

$300


Title

Blind SQL injection [https://honor.hi-tech.mail.ru]

URL

https://hackerone.com/reports/398131

Severity score

null

Reporter

haxta4ok00

Bounty paid

$300


Title

CTF Writeup

URL

https://hackerone.com/reports/507023

Severity score

null

Reporter

voidmercy

Bounty paid

null


Title

[████] SQL Injections on Referer Header exploitable via Time-Based method

URL

https://hackerone.com/reports/1018621

Severity score

null

Reporter

polygon35

Bounty paid

null


Title

SQL Injection on cookie parameter

URL

https://hackerone.com/reports/761304

Severity score

null

Reporter

w31rd0

Bounty paid

null


Title

SQL Injection /webApp/sijoitustalous_peruutus locId parameter (viestinta.lahitapiola.fi)

URL

https://hackerone.com/reports/181826

Severity score

5.9

Reporter

bobrov

Bounty paid

$350


Title

SQL injection vulnerability on a DoD website

URL

https://hackerone.com/reports/189332

Severity score

null

Reporter

mthirup

Bounty paid

null


Title

ActionController::Parameters .each returns an unsafe hash

URL

https://hackerone.com/reports/292797

Severity score

6.5

Reporter

abuisman

Bounty paid

$500


Title

Yahoo YQL Injection?

URL

https://hackerone.com/reports/1407

Severity score

null

Reporter

nahamsec

Bounty paid

null


Title

[www.zomato.com] Union SQLi + Waf Bypass

URL

https://hackerone.com/reports/258582

Severity score

null

Reporter

gerben_javado

Bounty paid

$1,000


Title

[SQLI ]Time Bassed Injection at ██████████ via /██████/library.php?c=G14 parameter

URL

https://hackerone.com/reports/1024984

Severity score

null

Reporter

zinminphy00

Bounty paid

null


Title

Blind SQL Injection(Time Based Payload) in https://www.easytopup.in.th/store/game/digimon-master via CheckuserForm[user_id]

URL

https://hackerone.com/reports/789259

Severity score

8.2

Reporter

angeltsvetkov

Bounty paid

$1,000


Title

Sql injection on docs.atavist.com

URL

https://hackerone.com/reports/1039315

Severity score

null

Reporter

lu3ky-13

Bounty paid

$200


Title

Drupal 7 pre auth sql injection and remote code execution

URL

https://hackerone.com/reports/31756

Severity score

null

Reporter

shorst

Bounty paid

$3,000


Title

SQL Injection vulnerability in a DoD website

URL

https://hackerone.com/reports/197754

Severity score

null

Reporter

hassaan

Bounty paid

null


Title

Time-Based Blind SQL Injection Attacks

URL

https://hackerone.com/reports/78443

Severity score

null

Reporter

lukazorge

Bounty paid

$150


Title

[untitled-model] sql injection

URL

https://hackerone.com/reports/507222

Severity score

8.6

Reporter

verichains

Bounty paid

null


Title

Time based sql injection

URL

https://hackerone.com/reports/9921

Severity score

null

Reporter

psych0tr1a

Bounty paid

$200


Title

SQL injection at fleet.city-mobil.ru

URL

https://hackerone.com/reports/881901

Severity score

8.8

Reporter

r0hack

Bounty paid

$10,000


Title

A SQL injection vulnerability in Vanilla

URL

https://hackerone.com/reports/358570

Severity score

null

Reporter

balis0ng

Bounty paid

$600


Title

[3k.mail.ru] SQL Injection

URL

https://hackerone.com/reports/116508

Severity score

null

Reporter

konqi

Bounty paid

$150


Title

SQL Injection in the move_papers.php on the https://██████████

URL

https://hackerone.com/reports/491191

Severity score

null

Reporter

sp1d3rs

Bounty paid

null


Title

[ipm.informatica.com] Sql injection Oracle

URL

https://hackerone.com/reports/178057

Severity score

null

Reporter

e3xpl0it

Bounty paid

null


Title

SQL Injection [unauthenticated] with direct output at https://news.mail.ru/

URL

https://hackerone.com/reports/818972

Severity score

8.4

Reporter

derision

Bounty paid

$7,500


Title

SQL injection in conc/index.php/ccm/system/search/users/submit

URL

https://hackerone.com/reports/38778

Severity score

null

Reporter

yujitounai

Bounty paid

null


Title

SQL Injection vulnerability in a DoD website

URL

https://hackerone.com/reports/226211

Severity score

null

Reporter

amsda

Bounty paid

null


Title

[www.zomato.com] Blind SQL Injection in /php/geto2banner

URL

https://hackerone.com/reports/838855

Severity score

null

Reporter

zzzhacker13

Bounty paid

$2,000


Title

SQL Injection on /webApp/omatalousuk (viestinta.lahitapiola.fi)

URL

https://hackerone.com/reports/179751

Severity score

5.9

Reporter

anandakshya

Bounty paid

$1,560


Title

SQLi in login form of █████

URL

https://hackerone.com/reports/982202

Severity score

null

Reporter

erbbysam

Bounty paid

null


Title

SQL Injection https://www.olx.co.id

URL

https://hackerone.com/reports/446293

Severity score

null

Reporter

codeslayer137

Bounty paid

null


Title

SQL injection (stacked queries) in the export to Excel functionality on Vidyo Server

URL

https://hackerone.com/reports/922567

Severity score

null

Reporter

b1ackgamba

Bounty paid

null


Title

[www.zomato.com] Boolean SQLi - /█████.php

URL

https://hackerone.com/reports/297534

Severity score

null

Reporter

gerben_javado

Bounty paid

$1,000


Title

[increments] sql injection

URL

https://hackerone.com/reports/508346

Severity score

8.6

Reporter

verichains

Bounty paid

null


Title

https://zest.co.th/zestlinepay/checkproduct API endpoint suffers from Boolean-based SQL injection

URL

https://hackerone.com/reports/783147

Severity score

7.3

Reporter

nnez

Bounty paid

null


Title

Information Disclosure in https://www.rockstargames.com/search

URL

https://hackerone.com/reports/808832

Severity score

null

Reporter

netfuzzer

Bounty paid

$250


Title

[api.easy2pay.co] SQL Injection in cashcard via card_no parameter ⭐️Bypassing IP whitelist⭐️

URL

https://hackerone.com/reports/894329

Severity score

7.5

Reporter

s3cr3tsdn

Bounty paid

null


Title

Дайте swag

URL

https://hackerone.com/reports/665688

Severity score

null

Reporter

linkks

Bounty paid

null


Title

Time-Based SQL injection at city-mobil.ru

URL

https://hackerone.com/reports/868436

Severity score

null

Reporter

r0hack

Bounty paid

$15,000


Title

store-agent.mail.ru: stacked blind injection

URL

https://hackerone.com/reports/60420

Severity score

null

Reporter

isox

Bounty paid

$400


Title

SQL injection in GraphQL endpoint through embedded_submission_form_uuid parameter

URL

https://hackerone.com/reports/435066

Severity score

10

Reporter

jobert

Bounty paid

null


Title

turboslim.lady.mail.ru - Blind sql-injection.

URL

https://hackerone.com/reports/795291

Severity score

7.5

Reporter

alexeysergeevich

Bounty paid

$5,000


Title

SQL Injection on 11x11.mail.ru

URL

https://hackerone.com/reports/15762

Severity score

null

Reporter

bigbear

Bounty paid

$150


Title

Multiple SQL Injections and constrained LFI in esk-static.3igames.mail.ru

URL

https://hackerone.com/reports/974078

Severity score

7.2

Reporter

haxonaut

Bounty paid

$1,500


Title

[query-mysql] SQL Injection due to lack of user input sanitization allows to run arbitrary SQL queries when fetching data from database

URL

https://hackerone.com/reports/311244

Severity score

9.8

Reporter

bl4de

Bounty paid

null


Title

Followup - SQL Injection - https://██████████/██████/MSI.portal

URL

https://hackerone.com/reports/692326

Severity score

null

Reporter

arkaic

Bounty paid

null


Title

SQL Injection vulnerability in a DoD website

URL

https://hackerone.com/reports/192110

Severity score

null

Reporter

korprit

Bounty paid

null


Title

SQL Injection on /cs/Satellite path

URL

https://hackerone.com/reports/164739

Severity score

null

Reporter

g0blin

Bounty paid

$400


Title

SQL injection found in US Navy Website (http://███/)

URL

https://hackerone.com/reports/197755

Severity score

null

Reporter

hassaan

Bounty paid

null


Title

vk.com/login.php

URL

https://hackerone.com/reports/116764

Severity score

null

Reporter

close

Bounty paid

$200


Title

[afocusp.informatica.com] Sql injection afocusp.informatica.com:37777

URL

https://hackerone.com/reports/178632

Severity score

null

Reporter

e3xpl0it

Bounty paid

null


Title

[lk.contact-sys.com] SQL Injection reset_password FP_LK_USER_LOGIN

URL

https://hackerone.com/reports/164684

Severity score

null

Reporter

bobrov

Bounty paid

$300


Title

SQL Injection on /webApp/lapsuudenturva (viestinta.lahitapiola.fi)

URL

https://hackerone.com/reports/200214

Severity score

5.3

Reporter

3p1c

Bounty paid

$1,350


Title

[https://www.anghami.com/updatemailinfo/] Sql Injection

URL

https://hackerone.com/reports/86468

Severity score

null

Reporter

jayden

Bounty paid

$300


Title

Code reversion allowing SQLI again in ███████

URL

https://hackerone.com/reports/348047

Severity score

null

Reporter

alyssa_herrera

Bounty paid

null


Title

SQL injection vulnerability in a DoD website

URL

https://hackerone.com/reports/195051

Severity score

null

Reporter

shakaa1

Bounty paid

null


Title

Multiple vulnerabilities in a WordPress plugin at drive.uber.com

URL

https://hackerone.com/reports/135288

Severity score

null

Reporter

0xsyndr0me

Bounty paid

$5,000


Title

SQL injection vulnerability on a DoD website

URL

https://hackerone.com/reports/193436

Severity score

null

Reporter

korprit

Bounty paid

null


Title

SQL Injection vulnerability located at ████████

URL

https://hackerone.com/reports/384397

Severity score

null

Reporter

rootaccess

Bounty paid

null


Title

allods.mail.ru sql injection

URL

https://hackerone.com/reports/738740

Severity score

null

Reporter

linkks

Bounty paid

$2,200


Title

SQL injection on █████ due to tech.cfm

URL

https://hackerone.com/reports/310031

Severity score

null

Reporter

alyssa_herrera

Bounty paid

null


Title

Possible SQL injection on "Jump to twitter"

URL

https://hackerone.com/reports/81701

Severity score

null

Reporter

deleted

Bounty paid

$1


Title

SQL injection vulnerability on a DoD website

URL

https://hackerone.com/reports/202619

Severity score

null

Reporter

0xd0m7

Bounty paid

null


Title

Possible SQL injection can cause denial of service attack

URL

https://hackerone.com/reports/123660

Severity score

null

Reporter

super_hack

Bounty paid

null


Title

SQL Injection in https://api-my.pay.razer.com/inviteFriend/getInviteHistoryLog

URL

https://hackerone.com/reports/811111

Severity score

9.1

Reporter

reemer

Bounty paid

$2,000


Title

SQL inj

URL

https://hackerone.com/reports/10468

Severity score

null

Reporter

vah13

Bounty paid

$150


Title

sql injection on /messagecenter/messagingcenter at https://www.███████/

URL

https://hackerone.com/reports/381758

Severity score

null

Reporter

modam3r5

Bounty paid

null


Title

SOAP WSDL Parser SQL Code Execution

URL

https://hackerone.com/reports/390359

Severity score

null

Reporter

websecnl

Bounty paid

null


Title

SQL injection on https://███████

URL

https://hackerone.com/reports/214798

Severity score

null

Reporter

daveysec

Bounty paid

null


Title

[www.zomato.com] Abusing LocalParams (city) to Inject SOLR query

URL

https://hackerone.com/reports/844428

Severity score

null

Reporter

zzzhacker13

Bounty paid

$100


Title

SQL Injection vulnerability in a DoD website

URL

https://hackerone.com/reports/216699

Severity score

null

Reporter

albinowax

Bounty paid

null


Title

SQL Injection Proof of Concept for Starbucks URL

URL

https://hackerone.com/reports/360539

Severity score

null

Reporter

debo

Bounty paid

null


Title

SQL Injection on sctrack.email.uber.com.cn

URL

https://hackerone.com/reports/150156

Severity score

null

Reporter

orange

Bounty paid

$4,000


Title

SQL Injection found in NextCloud Android App Content Provider

URL

https://hackerone.com/reports/291764

Severity score

0.9

Reporter

bluedangerforyou

Bounty paid

$150


Title

SQLi at https://sea-web.gold.razer.com/demo-th/purchase-result.php via orderid Parameter

URL

https://hackerone.com/reports/777693

Severity score

10

Reporter

s3cr3tsdn

Bounty paid

$2,000


Title

[www.zomato.com] Blind SQL Injection in /php/widgets_handler.php

URL

https://hackerone.com/reports/836079

Severity score

null

Reporter

zzzhacker13

Bounty paid

$2,000


Title

SQL inj

URL

https://hackerone.com/reports/10037

Severity score

null

Reporter

vah13

Bounty paid

$150


Title

sql

URL

https://hackerone.com/reports/453297

Severity score

7.3

Reporter

linkks

Bounty paid

$300


Title

SQL injection, time zoom script, tile ID

URL

https://hackerone.com/reports/17227

Severity score

null

Reporter

bitquark

Bounty paid

null


Title

SQL Injection /webApp/oma_conf ctx parameter (viestinta.lahitapiola.fi)

URL

https://hackerone.com/reports/181803

Severity score

5.9

Reporter

bobrov

Bounty paid

$1,350


Title

Time Based SQL Injection vulnerability on a DoD website

URL

https://hackerone.com/reports/189851

Severity score

null

Reporter

alyssa_herrera

Bounty paid

null


Title

SQL Injection, exploitable in boolean mode

URL

https://hackerone.com/reports/246412

Severity score

9

Reporter

securitygab

Bounty paid

$300


Title

Blind SQL injection on ████████

URL

https://hackerone.com/reports/313037

Severity score

null

Reporter

alyssa_herrera

Bounty paid

null


Title

[CRITICAL] Sql Injection on http://axa.dxi.eu

URL

https://hackerone.com/reports/722145

Severity score

null

Reporter

madrobot

Bounty paid

null


Title

SQL injection in partner id field on https://www.teavana.com (Sign-up form)

URL

https://hackerone.com/reports/269279

Severity score

5.3

Reporter

bigbug

Bounty paid

$250


Title

[███] SQL injection & Reflected XSS

URL

https://hackerone.com/reports/484801

Severity score

null

Reporter

jarvis7

Bounty paid

null


Title

[afisha.mail.ru] SQL Injection

URL

https://hackerone.com/reports/112555

Severity score

null

Reporter

konqi

Bounty paid

$300


Title

SQL Injection ON HK.Promotion

URL

https://hackerone.com/reports/3039

Severity score

null

Reporter

nahamsec

Bounty paid

$1,000


Title

[typeorm] SQL Injection

URL

https://hackerone.com/reports/506654

Severity score

8.6

Reporter

verichains

Bounty paid

null


Title

SQL Injection in Login Page: https://█████/█████████/login.php

URL

https://hackerone.com/reports/447742

Severity score

null

Reporter

l00ph0le

Bounty paid

null


Title

Blind SQL Injection on DoD Site

URL

https://hackerone.com/reports/242882

Severity score

null

Reporter

mr_r3boot

Bounty paid

null


Title

SQL injection vulnerability on a DoD website

URL

https://hackerone.com/reports/200623

Severity score

null

Reporter

vag_mour

Bounty paid

null


Title

MSSQL injection via param Customwho in https://█████/News/Transcripts/Search/Sort/ and WAF bypass

URL

https://hackerone.com/reports/577612

Severity score

null

Reporter

bohdansec

Bounty paid

null


Title

SQL Injection on /webApp/viivanalle (viestinta.lahitapiola.fi)

URL

https://hackerone.com/reports/200210

Severity score

5.3

Reporter

3p1c

Bounty paid

$350


Title

SQL injection update.mail.ru

URL

https://hackerone.com/reports/11861

Severity score

null

Reporter

vah13

Bounty paid

$250


Title

Time Based SQL-inject in post-parametr login[username] [domain - youporn.com]

URL

https://hackerone.com/reports/203935

Severity score

null

Reporter

almaco

Bounty paid

$2,500


Title

SQL

URL

https://hackerone.com/reports/10081

Severity score

null

Reporter

vah13

Bounty paid

$150


Title

SQL Injection - https://███/█████████/MSI.portal

URL

https://hackerone.com/reports/674838

Severity score

null

Reporter

arkaic

Bounty paid

null


Title

[critical] sql injection by GET method

URL

https://hackerone.com/reports/319279

Severity score

8

Reporter

securitygab

Bounty paid

null


Title

SQL injection in Razer Gold List Admin at /lists/index.php via the list[] parameter.

URL

https://hackerone.com/reports/824307

Severity score

10

Reporter

stealthy

Bounty paid

$2,000


Title

[Informational] Possible SQL Injection in inc/ajax-actions-frontend.php

URL

https://hackerone.com/reports/310280

Severity score

null

Reporter

damian89

Bounty paid

$10


Title

Code source discloure & ability to get database information "SQL injection" in [townwars.mail.ru]

URL

https://hackerone.com/reports/141329

Severity score

null

Reporter

xsam

Bounty paid

$150


Title

caesary.yahoo.net Blind Sql Injection

URL

https://hackerone.com/reports/21899

Severity score

null

Reporter

imadchabounia

Bounty paid

null


Title

SQL Injection in report_xml.php through countryFilter[] parameter

URL

https://hackerone.com/reports/383127

Severity score

9.9

Reporter

moskowsky

Bounty paid

$25,000


Title

stripo blog search SQL Injection

URL

https://hackerone.com/reports/761382

Severity score

null

Reporter

bluebridsec

Bounty paid

null


Title

[www.zomato.com] SQLi - /php/██████████ - item_id

URL

https://hackerone.com/reports/403616

Severity score

null

Reporter

gerben_javado

Bounty paid

$4,500


Title

SQL Injection in ████

URL

https://hackerone.com/reports/519631

Severity score

null

Reporter

arinerron2

Bounty paid

null


Title

[www.zomato.com] SQLi on order_id parameter

URL

https://hackerone.com/reports/358669

Severity score

null

Reporter

saltedfish

Bounty paid

$1,000


Title

[informatica.com] Blind SQL Injection

URL

https://hackerone.com/reports/117073

Severity score

null

Reporter

konqi

Bounty paid

null


Title

Weak credentials, Blind SQLi, Timing attack, that leads to web admin access

URL

https://hackerone.com/reports/514584

Severity score

9.8

Reporter

rabbidbyte

Bounty paid

null


Title

SQL injection

URL

https://hackerone.com/reports/311922

Severity score

null

Reporter

alyssa_herrera

Bounty paid

null


Title

SQL LIKE clauses wildcard injection

URL

https://hackerone.com/reports/852306

Severity score

null

Reporter

bazzy

Bounty paid

$8,000


Title

[parapa.mail.ru] SQL Injection

URL

https://hackerone.com/reports/109212

Severity score

null

Reporter

konqi

Bounty paid

$150


Title

www.drivegrab.com SQL injection

URL

https://hackerone.com/reports/273946

Severity score

null

Reporter

jouko

Bounty paid

$4,500


Title

[Android API] SQL injection ( errortoken.json )

URL

https://hackerone.com/reports/204050

Severity score

null

Reporter

lisa122

Bounty paid

null


Title

Blind SQLi in a DoD Website

URL

https://hackerone.com/reports/196300

Severity score

null

Reporter

akaki

Bounty paid

null


Title

[townwars.mail.ru] Time-Based SQL Injection

URL

https://hackerone.com/reports/144674

Severity score

null

Reporter

konqi

Bounty paid

$150


Title

Two Error-Based SQLi in courses.aspx on ██████████

URL

https://hackerone.com/reports/227102

Severity score

null

Reporter

tcpiplab

Bounty paid

null


Title

[cfire.mail.ru] Time Based SQL Injection

URL

https://hackerone.com/reports/107780

Severity score

null

Reporter

konqi

Bounty paid

$150


Title

blind sql injection

URL

https://hackerone.com/reports/374027

Severity score

7.3

Reporter

geeknik

Bounty paid

null


Title

SQL injection in Serendipity (serendipity_fetchComments)

URL

https://hackerone.com/reports/374748

Severity score

null

Reporter

oreamnos

Bounty paid

null


Title

sqli

URL

https://hackerone.com/reports/207695

Severity score

null

Reporter

linkks

Bounty paid

$1,000


Title

SQL injection in Wordpress Plugin Huge IT Video Gallery at https://drive.uber.com/frmarketplace/

URL

https://hackerone.com/reports/125932

Severity score

null

Reporter

glc

Bounty paid

$3,000


Title

SQL Injection or Denial of Service due to a Prototype Pollution

URL

https://hackerone.com/reports/869574

Severity score

9.9

Reporter

phra

Bounty paid

null


Title

sql does not properly escape parameters when building SQL queries, resulting in potential SQLi

URL

https://hackerone.com/reports/319465

Severity score

6.3

Reporter

chalker

Bounty paid

null


Title

Arbitrary SQL command injection

URL

https://hackerone.com/reports/508487

Severity score

null

Reporter

leonklingele

Bounty paid

$500


Title

SQL injections

URL

https://hackerone.com/reports/272506

Severity score

null

Reporter

lfb

Bounty paid

null


Title

SQL Injection in sijoitustalous_peruutus (viestinta.lahitapiola.fi)

URL

https://hackerone.com/reports/190434

Severity score

5.9

Reporter

cyriac

Bounty paid

$1,350


Title

WordPress DB Class, bad implementation of prepare method guides to sqli and information disclosure

URL

https://hackerone.com/reports/179920

Severity score

null

Reporter

b258ea62bf297b02afa9854

Bounty paid

null


Title

[api.easy2pay.co] SQL Injection at fortumo via TransID parameter [Bypassing Signature Validation🔥]

URL

https://hackerone.com/reports/894325

Severity score

7.5

Reporter

s3cr3tsdn

Bounty paid

$4,000


Title

SQL Injection on /webApp/sijoitustalousuk email-parameter + potential lack of CSRF Token (viestinta.lahitapiola.fi)

URL

https://hackerone.com/reports/191601

Severity score

5.9

Reporter

jimmyjohns

Bounty paid

$1,350


Title

Vanilla SQL Injection Vulnerability

URL

https://hackerone.com/reports/353784

Severity score

null

Reporter

balis0ng

Bounty paid

$600


Title

Blind SQL injection and making any profile comments from any users to disappear using "like" function (2 in 1 issues)

URL

https://hackerone.com/reports/363815

Severity score

null

Reporter

sp1d3rs

Bounty paid

$2,500


Title

[cfire.mail.ru] Time Based SQL Injection 2

URL

https://hackerone.com/reports/111003

Severity score

null

Reporter

haxta4ok00

Bounty paid

$200


Title

Blind SQL Injection

URL

https://hackerone.com/reports/758654

Severity score

null

Reporter

rzx007x

Bounty paid

$2,000


Title

SQL injection [дырка в движке форума]

URL

https://hackerone.com/reports/9919

Severity score

null

Reporter

psych0tr1a

Bounty paid

$200


Title

Blind SQL Injection

URL

https://hackerone.com/reports/221757

Severity score

null

Reporter

linkks

Bounty paid

$300


Title

Blind SQL Injection on news.mail.ru

URL

https://hackerone.com/reports/732430

Severity score

8

Reporter

asdqwedev

Bounty paid

$3,000


Title

[tidaltrek.mail.ru] SQL Injection

URL

https://hackerone.com/reports/140899

Severity score

null

Reporter

konqi

Bounty paid

$150


Title

SQL injection in MilestoneFinder order method

URL

https://hackerone.com/reports/298176

Severity score

9.9

Reporter

jobert

Bounty paid

$2,000


Title

SQL injection vulnerability on a DoD website

URL

https://hackerone.com/reports/193936

Severity score

null

Reporter

mthirup

Bounty paid

null


Title

Blind SQL injection in third-party software, that allows to reveal user statistic from rocket.chat and possibly hack into the rocketchat.agilecrm.com

URL

https://hackerone.com/reports/433792

Severity score

null

Reporter

w2w

Bounty paid

null


Title

SQL injection in 3rd party software Anomali

URL

https://hackerone.com/reports/206872

Severity score

null

Reporter

kazan71p

Bounty paid

$2,500


Title

Blind SQLi leading to RCE, from Unauthenticated access to a test API Webservice

URL

https://hackerone.com/reports/592400

Severity score

9.3

Reporter

geek_jeremy

Bounty paid

$4,000


Title

gmmovinparts.com SQLi via forgot_password.jsp

URL

https://hackerone.com/reports/109395

Severity score

null

Reporter

meals

Bounty paid

null


Title

SQL TEST

URL

https://hackerone.com/reports/248037

Severity score

null

Reporter

lozsec

Bounty paid

null


Title

SQL Injection vulnerability in a DoD website

URL

https://hackerone.com/reports/227587

Severity score

null

Reporter

tcpiplab

Bounty paid

null


Title

SQLi allow query restriction bypass on exposed FileContentProvider

URL

https://hackerone.com/reports/518669

Severity score

0.9

Reporter

doragon

Bounty paid

$100


Title

[www.zomato.com] Boolean SQLi - /███████.php

URL

https://hackerone.com/reports/301257

Severity score

null

Reporter

gerben_javado

Bounty paid

$1,000


Title

Blind SQL injection at tsftp.informatica.com

URL

https://hackerone.com/reports/1034625

Severity score

9.8

Reporter

r1pley

Bounty paid

null


Title

Time-based sql-injection на https://puzzle.mail.ru

URL

https://hackerone.com/reports/170149

Severity score

null

Reporter

0x01alka

Bounty paid

$300


Title

[parapa.mail.ru] SQL Injection reapet

URL

https://hackerone.com/reports/114086

Severity score

null

Reporter

haxta4ok00

Bounty paid

$150


Title

Time Based SQL Injection vulnerability on a DoD website

URL

https://hackerone.com/reports/188929

Severity score

null

Reporter

korprit

Bounty paid

null


Title

SQL Injection

URL

https://hackerone.com/reports/137956

Severity score

null

Reporter

konqi

Bounty paid

$150


Title

SQL Injection Extracts Starbucks Enterprise Accounting, Financial, Payroll Database

URL

https://hackerone.com/reports/531051

Severity score

9.3

Reporter

spaceraccoon

Bounty paid

$4,000


Title

[@azhou/basemodel] SQL injection

URL

https://hackerone.com/reports/506644

Severity score

8.6

Reporter

verichains

Bounty paid

null


Title

Sql injection on /webApp/sijoituswebinaari (viestinta.lahitapiola.fi)

URL

https://hackerone.com/reports/200212

Severity score

5.3

Reporter

3p1c

Bounty paid

$350


Title

SQL injection vulnerability on a DoD website

URL

https://hackerone.com/reports/189069

Severity score

null

Reporter

korprit

Bounty paid

null


Title

SQLi in love.uber.com

URL

https://hackerone.com/reports/125181

Severity score

null

Reporter

laps-forever

Bounty paid

$3,000


Title

Blind SQL Injection in city-mobil.ru domain

URL

https://hackerone.com/reports/711075

Severity score

null

Reporter

kiriknik

Bounty paid

$2,000


Title

3igames.mail.ru SQL Injection

URL

https://hackerone.com/reports/790005

Severity score

null

Reporter

cutoffurmind

Bounty paid

$1,500


Title

SQL injection on the https://████/

URL

https://hackerone.com/reports/488795

Severity score

null

Reporter

sp1d3rs

Bounty paid

null


Title

[https://reviews.zomato.com] Time Based SQL Injection

URL

https://hackerone.com/reports/300176

Severity score

null

Reporter

samengmg

Bounty paid

$1,000


Title

Blind SQL Injection at http://easytopup.in.th/es-services/mps.php via serial_no parameter

URL

https://hackerone.com/reports/790914

Severity score

7.5

Reporter

xorcx

Bounty paid

$1,000


Title

Sql-inj in https://maximum.com/ajax/people

URL

https://hackerone.com/reports/94584

Severity score

null

Reporter

page1337

Bounty paid

$40


Title

[contact-sys.com] SQL Injection████ limit param

URL

https://hackerone.com/reports/164945

Severity score

null

Reporter

bobrov

Bounty paid

$250


Title

SQL Injection on https://www.olx.co.id

URL

https://hackerone.com/reports/639876

Severity score

null

Reporter

nullcod3r

Bounty paid

null


Title

Time-base SQL Injection in Search Users

URL

https://hackerone.com/reports/876800

Severity score

5.5

Reporter

thiennv

Bounty paid

null


Title

SQL Injection at https://sea-web.gold.razer.com/lab/cash-card-incomplete-translog-resend via period-hour Parameter

URL

https://hackerone.com/reports/781205

Severity score

10

Reporter

s3cr3tsdn

Bounty paid

$2,000


Title

SQL Injection /webApp/cancel_iltakoulu regId parameter (viestinta.lahitapiola.fi)

URL

https://hackerone.com/reports/200818

Severity score

5.3

Reporter

yasar

Bounty paid

$1,350


Title

sql injection vulnerablity found

URL

https://hackerone.com/reports/211988

Severity score

null

Reporter

rasiras

Bounty paid

null


Title

Time-based Blind SQLi on news.starbucks.com

URL

https://hackerone.com/reports/198292

Severity score

null

Reporter

toctou

Bounty paid

null


Title

typeorm does not properly escape parameters when building SQL queries, resulting in potential SQLi

URL

https://hackerone.com/reports/319458

Severity score

6.4

Reporter

chalker

Bounty paid

null


Title

Boolean-based SQL Injection on relap.io

URL

https://hackerone.com/reports/745938

Severity score

9.7

Reporter

agametov

Bounty paid

$2,000


Title

[████████] Boolean SQL Injection (/personnel.php?content=profile&rcnum=*)

URL

https://hackerone.com/reports/648346

Severity score

null

Reporter

jarvis7

Bounty paid

null


Title

SQL Injection at api.easy2pay.co/add-on/get-sig.php via partner_id Parameter

URL

https://hackerone.com/reports/768195

Severity score

10

Reporter

s3cr3tsdn

Bounty paid

$2,000


Title

Blind SQL injection in Hall of Fap

URL

https://hackerone.com/reports/295841

Severity score

8.6

Reporter

ramsexy

Bounty paid

$2,500


Title

SQL Injection in the get_publications.php on the https://█████

URL

https://hackerone.com/reports/489483

Severity score

null

Reporter

sp1d3rs

Bounty paid

null


Title

[windows10.hi-tech.mail.ru] Blind SQL Injection

URL

https://hackerone.com/reports/786044

Severity score

7.5

Reporter

api_0

Bounty paid

$5,000


Title

SQL Injection in ████

URL

https://hackerone.com/reports/419017

Severity score

null

Reporter

arinerron2

Bounty paid

null


Title

SQL injection in https://labs.data.gov/dashboard/datagov/csv_to_json via User-agent

URL

https://hackerone.com/reports/297478

Severity score

9.1

Reporter

harisec

Bounty paid

$2,000


Title

SQL injection at https://sea-web.gold.razer.com/ajax-get-status.php via txid parameter

URL

https://hackerone.com/reports/819738

Severity score

9.9

Reporter

s3cr3tsdn

Bounty paid

$2,000