readme.md

Title

Unrestricted File Upload on https://app.dropcontact.io/app/upload/

URL

https://hackerone.com/reports/949295

Severity score

null

Reporter

omarelfarsaoui

Bounty paid

null

---

Title

Unrestricted File Upload on https://my.stripo.email and https://stripo.email

URL

https://hackerone.com/reports/823588

Severity score

null

Reporter

doctor_spooky

Bounty paid

null

---

Title

Unrestricted file upload when creating quotes allows for Stored XSS

URL

https://hackerone.com/reports/788397

Severity score

5.2

Reporter

m0chan

Bounty paid

$250

---

Title

Stored XSS on ████████helpdesk

URL

https://hackerone.com/reports/901799

Severity score

null

Reporter

atbabers

Bounty paid

null

---

Title

Theme Assets uploader allows HTML content

URL

https://hackerone.com/reports/769998

Severity score

null

Reporter

nightmare_msf

Bounty paid

$100

---

Title

Unrestricted file upload leads to Stored XSS

URL

https://hackerone.com/reports/808862

Severity score

null

Reporter

semsem123

Bounty paid

$250

---

Title

Tricking the "Create snippet" feature into displaying the wrong filetype can lead to RCE on Slack users

URL

https://hackerone.com/reports/833080

Severity score

8.7

Reporter

mcsheehan

Bounty paid

$1,500

---

Title

Unrestricted File Upload Leads to XSS & Potential RCE

URL

https://hackerone.com/reports/900179

Severity score

null

Reporter

pi_hunter50

Bounty paid

null

---

Title

File upload vulnerability on a DoD website

URL

https://hackerone.com/reports/191243

Severity score

null

Reporter

korprit

Bounty paid

null

---

Title

Unrestricted File Upload on https://app.lemlist.com

URL

https://hackerone.com/reports/722919

Severity score

null

Reporter

ctulhu

Bounty paid

null

---