Incorrect authorization to the intelbot service leading to ticket information
👉 https://hackerone.com/reports/1328546
🔹 Severity: Critical | 💰 15,000 USD
🔹 Reported To: TikTok
🔹 Reported By: #johnstone
🔹 State: 🟢 Resolved
🔹 Disclosed: February 23, 2022, 12:09am (UTC)
Add up to 10K rupees to a wallet by paying an arbitrary amount
👉 https://hackerone.com/reports/1408782
🔹 Severity: High | 💰 2,000 USD
🔹 Reported To: Zomato
🔹 Reported By: #ashoka_rao
🔹 State: 🟢 Resolved
🔹 Disclosed: February 23, 2022, 12:19pm (UTC)
Delivery Club Courier app (v. 3.9.25.0); Disclosure phone number of client.
👉 https://hackerone.com/reports/1382570
🔹 Severity: Medium | 💰 150 USD
🔹 Reported To: Mail.ru
🔹 Reported By: #388
🔹 State: 🟢 Resolved
🔹 Disclosed: February 23, 2022, 1:01pm (UTC)
Hackerone open redirect security alert bypass via view report as PDF
👉 https://hackerone.com/reports/1386277
🔹 Severity: Low | 💰 500 USD
🔹 Reported To: HackerOne
🔹 Reported By: #iamr0000t
🔹 State: 🟢 Resolved
🔹 Disclosed: February 25, 2022, 5:06pm (UTC)
[Android] Directory traversal leading to stealing auth tokens
👉 https://hackerone.com/reports/1378889
🔹 Severity: High | 💰 3,500 USD
🔹 Reported To: Slack
🔹 Reported By: #danielllewellyn
🔹 State: 🟢 Resolved
🔹 Disclosed: February 25, 2022, 5:07pm (UTC)
[AWC-Pune] - User can download files deleted by Admin using shortcuts
👉 https://hackerone.com/reports/1463028
🔹 Severity: Medium | 💰 550 USD
🔹 Reported To: Lark Technologies
🔹 Reported By: #prateek_thakare
🔹 State: 🟢 Resolved
🔹 Disclosed: February 25, 2022, 7:56pm (UTC)
Bypass Email Verification in Customer Portal
👉 https://hackerone.com/reports/1443211
🔹 Severity: Low | 💰 150 USD
🔹 Reported To: Mattermost
🔹 Reported By: #odx09
🔹 State: 🟢 Resolved
🔹 Disclosed: February 26, 2022, 8:20am (UTC)
Session Fixation on Acronis
👉 https://hackerone.com/reports/1486341
🔹 Severity: Medium
🔹 Reported To: Acronis
🔹 Reported By: #hatnare
🔹 State: 🔴 N/A
🔹 Disclosed: March 1, 2022, 9:09am (UTC)
Reflected XSS on www.pornhub.com and www.pornhubpremium.com
👉 https://hackerone.com/reports/1354161
🔹 Severity: Medium | 💰 750 USD
🔹 Reported To: Pornhub
🔹 Reported By: #wh0ru
🔹 State: 🟢 Resolved
🔹 Disclosed: March 2, 2022, 12:30pm (UTC)
Open Redirect TO Stealing aadvid
👉 https://hackerone.com/reports/1378533
🔹 Severity: Low | 💰 500 USD
🔹 Reported To: TikTok
🔹 Reported By: #lu3ky-13
🔹 State: 🟢 Resolved
🔹 Disclosed: March 2, 2022, 9:13pm (UTC)
IDOR delete any Tickets on ads.tiktok.com
👉 https://hackerone.com/reports/1475520
🔹 Severity: High | 💰 5,000 USD
🔹 Reported To: TikTok
🔹 Reported By: #datph4m
🔹 State: 🟢 Resolved
🔹 Disclosed: March 2, 2022, 9:15pm (UTC)
stand.pw.mail.ru xss
👉 https://hackerone.com/reports/1400197
🔹 Severity: Low
🔹 Reported To: Mail.ru
🔹 Reported By: #smallyu
🔹 State: 🟢 Resolved
🔹 Disclosed: March 3, 2022, 2:47am (UTC)
Subdomain Takeover at https://new.rubyonrails.org/
👉 https://hackerone.com/reports/1429148
🔹 Severity: High
🔹 Reported To: Ruby on Rails
🔹 Reported By: #nagli
🔹 State: 🟢 Resolved
🔹 Disclosed: March 3, 2022, 9:12pm (UTC)
Uber Test Report 20220301
👉 https://hackerone.com/reports/1496297
🔹 Severity: Medium
🔹 Reported To: Uber
🔹 Reported By: #johnzilla313
🔹 State: 🟢 Resolved
🔹 Disclosed: March 3, 2022, 9:13pm (UTC)
Brute force attack of current password on login page by bypassing account limit using IP rotator (https://dashboard.omise.co/signin)
👉 https://hackerone.com/reports/1466967
🔹 Severity: Medium
🔹 Reported To: Omise
🔹 Reported By: #sachinrajput
🔹 State: 🟢 Resolved
🔹 Disclosed: March 4, 2022, 4:14am (UTC)
Normal User is able to EXPORT Feature Usage Statistics
👉 https://hackerone.com/reports/1470076
🔹 Severity: Medium | 💰 500 USD
🔹 Reported To: Lark Technologies
🔹 Reported By: #aishkendle
🔹 State: 🟢 Resolved
🔹 Disclosed: March 4, 2022, 10:13pm (UTC)
unclaimed subdomain special.rkeeper.ru to takeover from tilda.cc
👉 https://hackerone.com/reports/1045644
🔹 Severity: Low
🔹 Reported To: Mail.ru
🔹 Reported By: #mainteemoforfun
🔹 State: 🟢 Resolved
🔹 Disclosed: March 5, 2022, 8:15am (UTC)
Web Cache Poisoning leads to Stored XSS
👉 https://hackerone.com/reports/1424094
🔹 Severity: High | 💰 2,000 USD
🔹 Reported To: Glassdoor
🔹 Reported By: #bombon
🔹 State: 🟢 Resolved
🔹 Disclosed: March 7, 2022, 4:25pm (UTC)
PHP Info Exposing Secrets at https://radio.mtn.bj/info
👉 https://hackerone.com/reports/1049402
🔹 Severity: High
🔹 Reported To: MTN Group
🔹 Reported By: #pudsec
🔹 State: 🟢 Resolved
🔹 Disclosed: March 8, 2022, 10:48am (UTC)