readme.md
January 20, 2023 · View on GitHub
Title
Solr Injection in user_id parameter at :/v2/leaderboard_v2.json
URL
https://hackerone.com/reports/952501
Severity score
9.1
Reporter
zzzhacker13
Bounty paid
$2,000
Title
SQL Injection Vulnerability in Concrete5 version 5.7.3.1
URL
https://hackerone.com/reports/59664
Severity score
null
Reporter
egix
Bounty paid
null
Title
[express-cart] Customer and admin email enumeration through MongoDB injection
URL
https://hackerone.com/reports/397445
Severity score
8.2
Reporter
becojo
Bounty paid
null
Title
Multiple Vulnerabilities in Oracle Webcenter Sites (/cs/Satellite)
URL
https://hackerone.com/reports/199082
Severity score
8.3
Reporter
teemuk
Bounty paid
$600
Title
SQL Injection on www.██████████ on countID parameter
URL
https://hackerone.com/reports/390879
Severity score
null
Reporter
0_1vitthal
Bounty paid
null
Title
SQL Injection vulnerability in a DoD website
URL
https://hackerone.com/reports/192079
Severity score
null
Reporter
korprit
Bounty paid
null
Title
SQL Injection in lapsuudenturva (viestinta.lahitapiola.fi)
URL
https://hackerone.com/reports/191146
Severity score
null
Reporter
sandh0t
Bounty paid
$1,350
Title
Blind SQL Injection on starbucks.com.gt and WAF Bypass :*
URL
https://hackerone.com/reports/549355
Severity score
null
Reporter
d3417_
Bounty paid
$500
Title
SQL Injection
URL
https://hackerone.com/reports/23014
Severity score
null
Reporter
yappare
Bounty paid
null
Title
[tidaltrek.mail.ru] SQL Injection
URL
https://hackerone.com/reports/142479
Severity score
null
Reporter
konqi
Bounty paid
$150
Title
SQLi on http://sports.yahoo.com/nfl/draft
URL
https://hackerone.com/reports/1538
Severity score
null
Reporter
stefanofinding
Bounty paid
$3,705
Title
[SQLI ]Time Bassed Injection at ██████████ via referer header
URL
https://hackerone.com/reports/995122
Severity score
null
Reporter
yassinek3ch
Bounty paid
null
Title
Blind SQL INJ
URL
https://hackerone.com/reports/115304
Severity score
null
Reporter
pentesters
Bounty paid
null
Title
████████ SQL
URL
https://hackerone.com/reports/381771
Severity score
null
Reporter
manshum12
Bounty paid
null
Title
Time Based SQL injection in url parameter
URL
https://hackerone.com/reports/144359
Severity score
null
Reporter
anony-123
Bounty paid
null
Title
SQL Injection vulnerability in a DoD website
URL
https://hackerone.com/reports/201512
Severity score
null
Reporter
alyssa_herrera
Bounty paid
null
Title
[orsotenslimselfie.lady.mail.ru] SQL Injection
URL
https://hackerone.com/reports/115291
Severity score
null
Reporter
konqi
Bounty paid
$300
Title
Blind SQL injection [https://honor.hi-tech.mail.ru]
URL
https://hackerone.com/reports/398131
Severity score
null
Reporter
haxta4ok00
Bounty paid
$300
Title
CTF Writeup
URL
https://hackerone.com/reports/507023
Severity score
null
Reporter
voidmercy
Bounty paid
null
Title
[████] SQL Injections on Referer Header exploitable via Time-Based method
URL
https://hackerone.com/reports/1018621
Severity score
null
Reporter
polygon35
Bounty paid
null
Title
SQL Injection on cookie parameter
URL
https://hackerone.com/reports/761304
Severity score
null
Reporter
w31rd0
Bounty paid
null
Title
SQL Injection /webApp/sijoitustalous_peruutus locId parameter (viestinta.lahitapiola.fi)
URL
https://hackerone.com/reports/181826
Severity score
5.9
Reporter
bobrov
Bounty paid
$350
Title
SQL injection vulnerability on a DoD website
URL
https://hackerone.com/reports/189332
Severity score
null
Reporter
mthirup
Bounty paid
null
Title
ActionController::Parameters .each returns an unsafe hash
URL
https://hackerone.com/reports/292797
Severity score
6.5
Reporter
abuisman
Bounty paid
$500
Title
Yahoo YQL Injection?
URL
https://hackerone.com/reports/1407
Severity score
null
Reporter
nahamsec
Bounty paid
null
Title
[www.zomato.com] Union SQLi + Waf Bypass
URL
https://hackerone.com/reports/258582
Severity score
null
Reporter
gerben_javado
Bounty paid
$1,000
Title
[SQLI ]Time Bassed Injection at ██████████ via /██████/library.php?c=G14 parameter
URL
https://hackerone.com/reports/1024984
Severity score
null
Reporter
zinminphy00
Bounty paid
null
Title
Blind SQL Injection(Time Based Payload) in https://www.easytopup.in.th/store/game/digimon-master via CheckuserForm[user_id]
URL
https://hackerone.com/reports/789259
Severity score
8.2
Reporter
angeltsvetkov
Bounty paid
$1,000
Title
Sql injection on docs.atavist.com
URL
https://hackerone.com/reports/1039315
Severity score
null
Reporter
lu3ky-13
Bounty paid
$200
Title
Drupal 7 pre auth sql injection and remote code execution
URL
https://hackerone.com/reports/31756
Severity score
null
Reporter
shorst
Bounty paid
$3,000
Title
SQL Injection vulnerability in a DoD website
URL
https://hackerone.com/reports/197754
Severity score
null
Reporter
hassaan
Bounty paid
null
Title
Time-Based Blind SQL Injection Attacks
URL
https://hackerone.com/reports/78443
Severity score
null
Reporter
lukazorge
Bounty paid
$150
Title
[untitled-model] sql injection
URL
https://hackerone.com/reports/507222
Severity score
8.6
Reporter
verichains
Bounty paid
null
Title
Time based sql injection
URL
https://hackerone.com/reports/9921
Severity score
null
Reporter
psych0tr1a
Bounty paid
$200
Title
SQL injection at fleet.city-mobil.ru
URL
https://hackerone.com/reports/881901
Severity score
8.8
Reporter
r0hack
Bounty paid
$10,000
Title
A SQL injection vulnerability in Vanilla
URL
https://hackerone.com/reports/358570
Severity score
null
Reporter
balis0ng
Bounty paid
$600
Title
[3k.mail.ru] SQL Injection
URL
https://hackerone.com/reports/116508
Severity score
null
Reporter
konqi
Bounty paid
$150
Title
SQL Injection in the move_papers.php on the https://██████████
URL
https://hackerone.com/reports/491191
Severity score
null
Reporter
sp1d3rs
Bounty paid
null
Title
[ipm.informatica.com] Sql injection Oracle
URL
https://hackerone.com/reports/178057
Severity score
null
Reporter
e3xpl0it
Bounty paid
null
Title
SQL Injection [unauthenticated] with direct output at https://news.mail.ru/
URL
https://hackerone.com/reports/818972
Severity score
8.4
Reporter
derision
Bounty paid
$7,500
Title
SQL injection in conc/index.php/ccm/system/search/users/submit
URL
https://hackerone.com/reports/38778
Severity score
null
Reporter
yujitounai
Bounty paid
null
Title
SQL Injection vulnerability in a DoD website
URL
https://hackerone.com/reports/226211
Severity score
null
Reporter
amsda
Bounty paid
null
Title
[www.zomato.com] Blind SQL Injection in /php/geto2banner
URL
https://hackerone.com/reports/838855
Severity score
null
Reporter
zzzhacker13
Bounty paid
$2,000
Title
SQL Injection on /webApp/omatalousuk (viestinta.lahitapiola.fi)
URL
https://hackerone.com/reports/179751
Severity score
5.9
Reporter
anandakshya
Bounty paid
$1,560
Title
SQLi in login form of █████
URL
https://hackerone.com/reports/982202
Severity score
null
Reporter
erbbysam
Bounty paid
null
Title
SQL Injection https://www.olx.co.id
URL
https://hackerone.com/reports/446293
Severity score
null
Reporter
codeslayer137
Bounty paid
null
Title
SQL injection (stacked queries) in the export to Excel functionality on Vidyo Server
URL
https://hackerone.com/reports/922567
Severity score
null
Reporter
b1ackgamba
Bounty paid
null
Title
[www.zomato.com] Boolean SQLi - /█████.php
URL
https://hackerone.com/reports/297534
Severity score
null
Reporter
gerben_javado
Bounty paid
$1,000
Title
[increments] sql injection
URL
https://hackerone.com/reports/508346
Severity score
8.6
Reporter
verichains
Bounty paid
null
Title
https://zest.co.th/zestlinepay/checkproduct API endpoint suffers from Boolean-based SQL injection
URL
https://hackerone.com/reports/783147
Severity score
7.3
Reporter
nnez
Bounty paid
null
Title
Information Disclosure in https://www.rockstargames.com/search
URL
https://hackerone.com/reports/808832
Severity score
null
Reporter
netfuzzer
Bounty paid
$250
Title
[api.easy2pay.co] SQL Injection in cashcard via card_no parameter ⭐️Bypassing IP whitelist⭐️
URL
https://hackerone.com/reports/894329
Severity score
7.5
Reporter
s3cr3tsdn
Bounty paid
null
Title
Дайте swag
URL
https://hackerone.com/reports/665688
Severity score
null
Reporter
linkks
Bounty paid
null
Title
Time-Based SQL injection at city-mobil.ru
URL
https://hackerone.com/reports/868436
Severity score
null
Reporter
r0hack
Bounty paid
$15,000
Title
store-agent.mail.ru: stacked blind injection
URL
https://hackerone.com/reports/60420
Severity score
null
Reporter
isox
Bounty paid
$400
Title
SQL injection in GraphQL endpoint through embedded_submission_form_uuid parameter
URL
https://hackerone.com/reports/435066
Severity score
10
Reporter
jobert
Bounty paid
null
Title
turboslim.lady.mail.ru - Blind sql-injection.
URL
https://hackerone.com/reports/795291
Severity score
7.5
Reporter
alexeysergeevich
Bounty paid
$5,000
Title
SQL Injection on 11x11.mail.ru
URL
https://hackerone.com/reports/15762
Severity score
null
Reporter
bigbear
Bounty paid
$150
Title
Multiple SQL Injections and constrained LFI in esk-static.3igames.mail.ru
URL
https://hackerone.com/reports/974078
Severity score
7.2
Reporter
haxonaut
Bounty paid
$1,500
Title
[query-mysql] SQL Injection due to lack of user input sanitization allows to run arbitrary SQL queries when fetching data from database
URL
https://hackerone.com/reports/311244
Severity score
9.8
Reporter
bl4de
Bounty paid
null
Title
Followup - SQL Injection - https://██████████/██████/MSI.portal
URL
https://hackerone.com/reports/692326
Severity score
null
Reporter
arkaic
Bounty paid
null
Title
SQL Injection vulnerability in a DoD website
URL
https://hackerone.com/reports/192110
Severity score
null
Reporter
korprit
Bounty paid
null
Title
SQL Injection on /cs/Satellite path
URL
https://hackerone.com/reports/164739
Severity score
null
Reporter
g0blin
Bounty paid
$400
Title
SQL injection found in US Navy Website (http://███/)
URL
https://hackerone.com/reports/197755
Severity score
null
Reporter
hassaan
Bounty paid
null
Title
vk.com/login.php
URL
https://hackerone.com/reports/116764
Severity score
null
Reporter
close
Bounty paid
$200
Title
[afocusp.informatica.com] Sql injection afocusp.informatica.com:37777
URL
https://hackerone.com/reports/178632
Severity score
null
Reporter
e3xpl0it
Bounty paid
null
Title
[lk.contact-sys.com] SQL Injection reset_password FP_LK_USER_LOGIN
URL
https://hackerone.com/reports/164684
Severity score
null
Reporter
bobrov
Bounty paid
$300
Title
SQL Injection on /webApp/lapsuudenturva (viestinta.lahitapiola.fi)
URL
https://hackerone.com/reports/200214
Severity score
5.3
Reporter
3p1c
Bounty paid
$1,350
Title
[https://www.anghami.com/updatemailinfo/] Sql Injection
URL
https://hackerone.com/reports/86468
Severity score
null
Reporter
jayden
Bounty paid
$300
Title
Code reversion allowing SQLI again in ███████
URL
https://hackerone.com/reports/348047
Severity score
null
Reporter
alyssa_herrera
Bounty paid
null
Title
SQL injection vulnerability in a DoD website
URL
https://hackerone.com/reports/195051
Severity score
null
Reporter
shakaa1
Bounty paid
null
Title
Multiple vulnerabilities in a WordPress plugin at drive.uber.com
URL
https://hackerone.com/reports/135288
Severity score
null
Reporter
0xsyndr0me
Bounty paid
$5,000
Title
SQL injection vulnerability on a DoD website
URL
https://hackerone.com/reports/193436
Severity score
null
Reporter
korprit
Bounty paid
null
Title
SQL Injection vulnerability located at ████████
URL
https://hackerone.com/reports/384397
Severity score
null
Reporter
rootaccess
Bounty paid
null
Title
allods.mail.ru sql injection
URL
https://hackerone.com/reports/738740
Severity score
null
Reporter
linkks
Bounty paid
$2,200
Title
SQL injection on █████ due to tech.cfm
URL
https://hackerone.com/reports/310031
Severity score
null
Reporter
alyssa_herrera
Bounty paid
null
Title
Possible SQL injection on "Jump to twitter"
URL
https://hackerone.com/reports/81701
Severity score
null
Reporter
deleted
Bounty paid
$1
Title
SQL injection vulnerability on a DoD website
URL
https://hackerone.com/reports/202619
Severity score
null
Reporter
0xd0m7
Bounty paid
null
Title
Possible SQL injection can cause denial of service attack
URL
https://hackerone.com/reports/123660
Severity score
null
Reporter
super_hack
Bounty paid
null
Title
SQL Injection in https://api-my.pay.razer.com/inviteFriend/getInviteHistoryLog
URL
https://hackerone.com/reports/811111
Severity score
9.1
Reporter
reemer
Bounty paid
$2,000
Title
SQL inj
URL
https://hackerone.com/reports/10468
Severity score
null
Reporter
vah13
Bounty paid
$150
Title
sql injection on /messagecenter/messagingcenter at https://www.███████/
URL
https://hackerone.com/reports/381758
Severity score
null
Reporter
modam3r5
Bounty paid
null
Title
SOAP WSDL Parser SQL Code Execution
URL
https://hackerone.com/reports/390359
Severity score
null
Reporter
websecnl
Bounty paid
null
Title
SQL injection on https://███████
URL
https://hackerone.com/reports/214798
Severity score
null
Reporter
daveysec
Bounty paid
null
Title
[www.zomato.com] Abusing LocalParams (city) to Inject SOLR query
URL
https://hackerone.com/reports/844428
Severity score
null
Reporter
zzzhacker13
Bounty paid
$100
Title
SQL Injection vulnerability in a DoD website
URL
https://hackerone.com/reports/216699
Severity score
null
Reporter
albinowax
Bounty paid
null
Title
SQL Injection Proof of Concept for Starbucks URL
URL
https://hackerone.com/reports/360539
Severity score
null
Reporter
debo
Bounty paid
null
Title
SQL Injection on sctrack.email.uber.com.cn
URL
https://hackerone.com/reports/150156
Severity score
null
Reporter
orange
Bounty paid
$4,000
Title
SQL Injection found in NextCloud Android App Content Provider
URL
https://hackerone.com/reports/291764
Severity score
0.9
Reporter
bluedangerforyou
Bounty paid
$150
Title
SQLi at https://sea-web.gold.razer.com/demo-th/purchase-result.php via orderid Parameter
URL
https://hackerone.com/reports/777693
Severity score
10
Reporter
s3cr3tsdn
Bounty paid
$2,000
Title
[www.zomato.com] Blind SQL Injection in /php/widgets_handler.php
URL
https://hackerone.com/reports/836079
Severity score
null
Reporter
zzzhacker13
Bounty paid
$2,000
Title
SQL inj
URL
https://hackerone.com/reports/10037
Severity score
null
Reporter
vah13
Bounty paid
$150
Title
sql
URL
https://hackerone.com/reports/453297
Severity score
7.3
Reporter
linkks
Bounty paid
$300
Title
SQL injection, time zoom script, tile ID
URL
https://hackerone.com/reports/17227
Severity score
null
Reporter
bitquark
Bounty paid
null
Title
SQL Injection /webApp/oma_conf ctx parameter (viestinta.lahitapiola.fi)
URL
https://hackerone.com/reports/181803
Severity score
5.9
Reporter
bobrov
Bounty paid
$1,350
Title
Time Based SQL Injection vulnerability on a DoD website
URL
https://hackerone.com/reports/189851
Severity score
null
Reporter
alyssa_herrera
Bounty paid
null
Title
SQL Injection, exploitable in boolean mode
URL
https://hackerone.com/reports/246412
Severity score
9
Reporter
securitygab
Bounty paid
$300
Title
Blind SQL injection on ████████
URL
https://hackerone.com/reports/313037
Severity score
null
Reporter
alyssa_herrera
Bounty paid
null
Title
[CRITICAL] Sql Injection on http://axa.dxi.eu
URL
https://hackerone.com/reports/722145
Severity score
null
Reporter
madrobot
Bounty paid
null
Title
SQL injection in partner id field on https://www.teavana.com (Sign-up form)
URL
https://hackerone.com/reports/269279
Severity score
5.3
Reporter
bigbug
Bounty paid
$250
Title
[███] SQL injection & Reflected XSS
URL
https://hackerone.com/reports/484801
Severity score
null
Reporter
jarvis7
Bounty paid
null
Title
[afisha.mail.ru] SQL Injection
URL
https://hackerone.com/reports/112555
Severity score
null
Reporter
konqi
Bounty paid
$300
Title
SQL Injection ON HK.Promotion
URL
https://hackerone.com/reports/3039
Severity score
null
Reporter
nahamsec
Bounty paid
$1,000
Title
[typeorm] SQL Injection
URL
https://hackerone.com/reports/506654
Severity score
8.6
Reporter
verichains
Bounty paid
null
Title
SQL Injection in Login Page: https://█████/█████████/login.php
URL
https://hackerone.com/reports/447742
Severity score
null
Reporter
l00ph0le
Bounty paid
null
Title
Blind SQL Injection on DoD Site
URL
https://hackerone.com/reports/242882
Severity score
null
Reporter
mr_r3boot
Bounty paid
null
Title
SQL injection vulnerability on a DoD website
URL
https://hackerone.com/reports/200623
Severity score
null
Reporter
vag_mour
Bounty paid
null
Title
MSSQL injection via param Customwho in https://█████/News/Transcripts/Search/Sort/ and WAF bypass
URL
https://hackerone.com/reports/577612
Severity score
null
Reporter
bohdansec
Bounty paid
null
Title
SQL Injection on /webApp/viivanalle (viestinta.lahitapiola.fi)
URL
https://hackerone.com/reports/200210
Severity score
5.3
Reporter
3p1c
Bounty paid
$350
Title
SQL injection update.mail.ru
URL
https://hackerone.com/reports/11861
Severity score
null
Reporter
vah13
Bounty paid
$250
Title
Time Based SQL-inject in post-parametr login[username] [domain - youporn.com]
URL
https://hackerone.com/reports/203935
Severity score
null
Reporter
almaco
Bounty paid
$2,500
Title
SQL
URL
https://hackerone.com/reports/10081
Severity score
null
Reporter
vah13
Bounty paid
$150
Title
SQL Injection - https://███/█████████/MSI.portal
URL
https://hackerone.com/reports/674838
Severity score
null
Reporter
arkaic
Bounty paid
null
Title
[critical] sql injection by GET method
URL
https://hackerone.com/reports/319279
Severity score
8
Reporter
securitygab
Bounty paid
null
Title
SQL injection in Razer Gold List Admin at /lists/index.php via the list[] parameter.
URL
https://hackerone.com/reports/824307
Severity score
10
Reporter
stealthy
Bounty paid
$2,000
Title
[Informational] Possible SQL Injection in inc/ajax-actions-frontend.php
URL
https://hackerone.com/reports/310280
Severity score
null
Reporter
damian89
Bounty paid
$10
Title
Code source discloure & ability to get database information "SQL injection" in [townwars.mail.ru]
URL
https://hackerone.com/reports/141329
Severity score
null
Reporter
xsam
Bounty paid
$150
Title
caesary.yahoo.net Blind Sql Injection
URL
https://hackerone.com/reports/21899
Severity score
null
Reporter
imadchabounia
Bounty paid
null
Title
SQL Injection in report_xml.php through countryFilter[] parameter
URL
https://hackerone.com/reports/383127
Severity score
9.9
Reporter
moskowsky
Bounty paid
$25,000
Title
stripo blog search SQL Injection
URL
https://hackerone.com/reports/761382
Severity score
null
Reporter
bluebridsec
Bounty paid
null
Title
[www.zomato.com] SQLi - /php/██████████ - item_id
URL
https://hackerone.com/reports/403616
Severity score
null
Reporter
gerben_javado
Bounty paid
$4,500
Title
SQL Injection in ████
URL
https://hackerone.com/reports/519631
Severity score
null
Reporter
arinerron2
Bounty paid
null
Title
[www.zomato.com] SQLi on order_id parameter
URL
https://hackerone.com/reports/358669
Severity score
null
Reporter
saltedfish
Bounty paid
$1,000
Title
[informatica.com] Blind SQL Injection
URL
https://hackerone.com/reports/117073
Severity score
null
Reporter
konqi
Bounty paid
null
Title
Weak credentials, Blind SQLi, Timing attack, that leads to web admin access
URL
https://hackerone.com/reports/514584
Severity score
9.8
Reporter
rabbidbyte
Bounty paid
null
Title
SQL injection
URL
https://hackerone.com/reports/311922
Severity score
null
Reporter
alyssa_herrera
Bounty paid
null
Title
SQL LIKE clauses wildcard injection
URL
https://hackerone.com/reports/852306
Severity score
null
Reporter
bazzy
Bounty paid
$8,000
Title
[parapa.mail.ru] SQL Injection
URL
https://hackerone.com/reports/109212
Severity score
null
Reporter
konqi
Bounty paid
$150
Title
www.drivegrab.com SQL injection
URL
https://hackerone.com/reports/273946
Severity score
null
Reporter
jouko
Bounty paid
$4,500
Title
[Android API] SQL injection ( errortoken.json )
URL
https://hackerone.com/reports/204050
Severity score
null
Reporter
lisa122
Bounty paid
null
Title
Blind SQLi in a DoD Website
URL
https://hackerone.com/reports/196300
Severity score
null
Reporter
akaki
Bounty paid
null
Title
[townwars.mail.ru] Time-Based SQL Injection
URL
https://hackerone.com/reports/144674
Severity score
null
Reporter
konqi
Bounty paid
$150
Title
Two Error-Based SQLi in courses.aspx on ██████████
URL
https://hackerone.com/reports/227102
Severity score
null
Reporter
tcpiplab
Bounty paid
null
Title
[cfire.mail.ru] Time Based SQL Injection
URL
https://hackerone.com/reports/107780
Severity score
null
Reporter
konqi
Bounty paid
$150
Title
blind sql injection
URL
https://hackerone.com/reports/374027
Severity score
7.3
Reporter
geeknik
Bounty paid
null
Title
SQL injection in Serendipity (serendipity_fetchComments)
URL
https://hackerone.com/reports/374748
Severity score
null
Reporter
oreamnos
Bounty paid
null
Title
sqli
URL
https://hackerone.com/reports/207695
Severity score
null
Reporter
linkks
Bounty paid
$1,000
Title
SQL injection in Wordpress Plugin Huge IT Video Gallery at https://drive.uber.com/frmarketplace/
URL
https://hackerone.com/reports/125932
Severity score
null
Reporter
glc
Bounty paid
$3,000
Title
SQL Injection or Denial of Service due to a Prototype Pollution
URL
https://hackerone.com/reports/869574
Severity score
9.9
Reporter
phra
Bounty paid
null
Title
sql does not properly escape parameters when building SQL queries, resulting in potential SQLi
URL
https://hackerone.com/reports/319465
Severity score
6.3
Reporter
chalker
Bounty paid
null
Title
Arbitrary SQL command injection
URL
https://hackerone.com/reports/508487
Severity score
null
Reporter
leonklingele
Bounty paid
$500
Title
SQL injections
URL
https://hackerone.com/reports/272506
Severity score
null
Reporter
lfb
Bounty paid
null
Title
SQL Injection in sijoitustalous_peruutus (viestinta.lahitapiola.fi)
URL
https://hackerone.com/reports/190434
Severity score
5.9
Reporter
cyriac
Bounty paid
$1,350
Title
WordPress DB Class, bad implementation of prepare method guides to sqli and information disclosure
URL
https://hackerone.com/reports/179920
Severity score
null
Reporter
b258ea62bf297b02afa9854
Bounty paid
null
Title
[api.easy2pay.co] SQL Injection at fortumo via TransID parameter [Bypassing Signature Validation🔥]
URL
https://hackerone.com/reports/894325
Severity score
7.5
Reporter
s3cr3tsdn
Bounty paid
$4,000
Title
SQL Injection on /webApp/sijoitustalousuk email-parameter + potential lack of CSRF Token (viestinta.lahitapiola.fi)
URL
https://hackerone.com/reports/191601
Severity score
5.9
Reporter
jimmyjohns
Bounty paid
$1,350
Title
Vanilla SQL Injection Vulnerability
URL
https://hackerone.com/reports/353784
Severity score
null
Reporter
balis0ng
Bounty paid
$600
Title
Blind SQL injection and making any profile comments from any users to disappear using "like" function (2 in 1 issues)
URL
https://hackerone.com/reports/363815
Severity score
null
Reporter
sp1d3rs
Bounty paid
$2,500
Title
[cfire.mail.ru] Time Based SQL Injection 2
URL
https://hackerone.com/reports/111003
Severity score
null
Reporter
haxta4ok00
Bounty paid
$200
Title
Blind SQL Injection
URL
https://hackerone.com/reports/758654
Severity score
null
Reporter
rzx007x
Bounty paid
$2,000
Title
SQL injection [дырка в движке форума]
URL
https://hackerone.com/reports/9919
Severity score
null
Reporter
psych0tr1a
Bounty paid
$200
Title
Blind SQL Injection
URL
https://hackerone.com/reports/221757
Severity score
null
Reporter
linkks
Bounty paid
$300
Title
Blind SQL Injection on news.mail.ru
URL
https://hackerone.com/reports/732430
Severity score
8
Reporter
asdqwedev
Bounty paid
$3,000
Title
[tidaltrek.mail.ru] SQL Injection
URL
https://hackerone.com/reports/140899
Severity score
null
Reporter
konqi
Bounty paid
$150
Title
SQL injection in MilestoneFinder order method
URL
https://hackerone.com/reports/298176
Severity score
9.9
Reporter
jobert
Bounty paid
$2,000
Title
SQL injection vulnerability on a DoD website
URL
https://hackerone.com/reports/193936
Severity score
null
Reporter
mthirup
Bounty paid
null
Title
Blind SQL injection in third-party software, that allows to reveal user statistic from rocket.chat and possibly hack into the rocketchat.agilecrm.com
URL
https://hackerone.com/reports/433792
Severity score
null
Reporter
w2w
Bounty paid
null
Title
SQL injection in 3rd party software Anomali
URL
https://hackerone.com/reports/206872
Severity score
null
Reporter
kazan71p
Bounty paid
$2,500
Title
Blind SQLi leading to RCE, from Unauthenticated access to a test API Webservice
URL
https://hackerone.com/reports/592400
Severity score
9.3
Reporter
geek_jeremy
Bounty paid
$4,000
Title
gmmovinparts.com SQLi via forgot_password.jsp
URL
https://hackerone.com/reports/109395
Severity score
null
Reporter
meals
Bounty paid
null
Title
SQL TEST
URL
https://hackerone.com/reports/248037
Severity score
null
Reporter
lozsec
Bounty paid
null
Title
SQL Injection vulnerability in a DoD website
URL
https://hackerone.com/reports/227587
Severity score
null
Reporter
tcpiplab
Bounty paid
null
Title
SQLi allow query restriction bypass on exposed FileContentProvider
URL
https://hackerone.com/reports/518669
Severity score
0.9
Reporter
doragon
Bounty paid
$100
Title
[www.zomato.com] Boolean SQLi - /███████.php
URL
https://hackerone.com/reports/301257
Severity score
null
Reporter
gerben_javado
Bounty paid
$1,000
Title
Blind SQL injection at tsftp.informatica.com
URL
https://hackerone.com/reports/1034625
Severity score
9.8
Reporter
r1pley
Bounty paid
null
Title
Time-based sql-injection на https://puzzle.mail.ru
URL
https://hackerone.com/reports/170149
Severity score
null
Reporter
0x01alka
Bounty paid
$300
Title
[parapa.mail.ru] SQL Injection reapet
URL
https://hackerone.com/reports/114086
Severity score
null
Reporter
haxta4ok00
Bounty paid
$150
Title
Time Based SQL Injection vulnerability on a DoD website
URL
https://hackerone.com/reports/188929
Severity score
null
Reporter
korprit
Bounty paid
null
Title
SQL Injection
URL
https://hackerone.com/reports/137956
Severity score
null
Reporter
konqi
Bounty paid
$150
Title
SQL Injection Extracts Starbucks Enterprise Accounting, Financial, Payroll Database
URL
https://hackerone.com/reports/531051
Severity score
9.3
Reporter
spaceraccoon
Bounty paid
$4,000
Title
[@azhou/basemodel] SQL injection
URL
https://hackerone.com/reports/506644
Severity score
8.6
Reporter
verichains
Bounty paid
null
Title
Sql injection on /webApp/sijoituswebinaari (viestinta.lahitapiola.fi)
URL
https://hackerone.com/reports/200212
Severity score
5.3
Reporter
3p1c
Bounty paid
$350
Title
SQL injection vulnerability on a DoD website
URL
https://hackerone.com/reports/189069
Severity score
null
Reporter
korprit
Bounty paid
null
Title
SQLi in love.uber.com
URL
https://hackerone.com/reports/125181
Severity score
null
Reporter
laps-forever
Bounty paid
$3,000
Title
Blind SQL Injection in city-mobil.ru domain
URL
https://hackerone.com/reports/711075
Severity score
null
Reporter
kiriknik
Bounty paid
$2,000
Title
3igames.mail.ru SQL Injection
URL
https://hackerone.com/reports/790005
Severity score
null
Reporter
cutoffurmind
Bounty paid
$1,500
Title
SQL injection on the https://████/
URL
https://hackerone.com/reports/488795
Severity score
null
Reporter
sp1d3rs
Bounty paid
null
Title
[https://reviews.zomato.com] Time Based SQL Injection
URL
https://hackerone.com/reports/300176
Severity score
null
Reporter
samengmg
Bounty paid
$1,000
Title
Blind SQL Injection at http://easytopup.in.th/es-services/mps.php via serial_no parameter
URL
https://hackerone.com/reports/790914
Severity score
7.5
Reporter
xorcx
Bounty paid
$1,000
Title
Sql-inj in https://maximum.com/ajax/people
URL
https://hackerone.com/reports/94584
Severity score
null
Reporter
page1337
Bounty paid
$40
Title
[contact-sys.com] SQL Injection████ limit param
URL
https://hackerone.com/reports/164945
Severity score
null
Reporter
bobrov
Bounty paid
$250
Title
SQL Injection on https://www.olx.co.id
URL
https://hackerone.com/reports/639876
Severity score
null
Reporter
nullcod3r
Bounty paid
null
Title
Time-base SQL Injection in Search Users
URL
https://hackerone.com/reports/876800
Severity score
5.5
Reporter
thiennv
Bounty paid
null
Title
SQL Injection at https://sea-web.gold.razer.com/lab/cash-card-incomplete-translog-resend via period-hour Parameter
URL
https://hackerone.com/reports/781205
Severity score
10
Reporter
s3cr3tsdn
Bounty paid
$2,000
Title
SQL Injection /webApp/cancel_iltakoulu regId parameter (viestinta.lahitapiola.fi)
URL
https://hackerone.com/reports/200818
Severity score
5.3
Reporter
yasar
Bounty paid
$1,350
Title
sql injection vulnerablity found
URL
https://hackerone.com/reports/211988
Severity score
null
Reporter
rasiras
Bounty paid
null
Title
Time-based Blind SQLi on news.starbucks.com
URL
https://hackerone.com/reports/198292
Severity score
null
Reporter
toctou
Bounty paid
null
Title
typeorm does not properly escape parameters when building SQL queries, resulting in potential SQLi
URL
https://hackerone.com/reports/319458
Severity score
6.4
Reporter
chalker
Bounty paid
null
Title
Boolean-based SQL Injection on relap.io
URL
https://hackerone.com/reports/745938
Severity score
9.7
Reporter
agametov
Bounty paid
$2,000
Title
[████████] Boolean SQL Injection (/personnel.php?content=profile&rcnum=*)
URL
https://hackerone.com/reports/648346
Severity score
null
Reporter
jarvis7
Bounty paid
null
Title
SQL Injection at api.easy2pay.co/add-on/get-sig.php via partner_id Parameter
URL
https://hackerone.com/reports/768195
Severity score
10
Reporter
s3cr3tsdn
Bounty paid
$2,000
Title
Blind SQL injection in Hall of Fap
URL
https://hackerone.com/reports/295841
Severity score
8.6
Reporter
ramsexy
Bounty paid
$2,500
Title
SQL Injection in the get_publications.php on the https://█████
URL
https://hackerone.com/reports/489483
Severity score
null
Reporter
sp1d3rs
Bounty paid
null
Title
[windows10.hi-tech.mail.ru] Blind SQL Injection
URL
https://hackerone.com/reports/786044
Severity score
7.5
Reporter
api_0
Bounty paid
$5,000
Title
SQL Injection in ████
URL
https://hackerone.com/reports/419017
Severity score
null
Reporter
arinerron2
Bounty paid
null
Title
SQL injection in https://labs.data.gov/dashboard/datagov/csv_to_json via User-agent
URL
https://hackerone.com/reports/297478
Severity score
9.1
Reporter
harisec
Bounty paid
$2,000
Title
SQL injection at https://sea-web.gold.razer.com/ajax-get-status.php via txid parameter
URL
https://hackerone.com/reports/819738
Severity score
9.9
Reporter
s3cr3tsdn
Bounty paid
$2,000