NEW BOT Телеграм, страница

Bugpoint

XSS DUE TO CVE-2020-3580

👉 https://hackerone.com/reports/1606068

🔹 Severity: Medium
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #cruxn3t
🔹 State: 🟢 Resolved
🔹 Disclosed: September 6, 2022, 6:55pm (UTC)

125 views10:05

Bugpoint

Access to admininstrative resources/account via path traversal

👉 https://hackerone.com/reports/1326352

🔹 Severity: Critical
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #j4k3d
🔹 State: 🟢 Resolved
🔹 Disclosed: September 6, 2022, 6:59pm (UTC)

131 views10:05

Bugpoint

RXSS on ███████

👉 https://hackerone.com/reports/1626962

🔹 Severity: Medium
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #tmz900
🔹 State: 🟢 Resolved
🔹 Disclosed: September 6, 2022, 7:01pm (UTC)

134 views10:05

Bugpoint

Stored XSS at https://█████

👉 https://hackerone.com/reports/1620247

🔹 Severity: High
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #shanekag
🔹 State: 🟢 Resolved
🔹 Disclosed: September 6, 2022, 7:04pm (UTC)

135 views10:05

Bugpoint

██████_log4j - https://██████

👉 https://hackerone.com/reports/1631364

🔹 Severity: Critical
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #hachimanxienim
🔹 State: 🟢 Resolved
🔹 Disclosed: September 6, 2022, 7:07pm (UTC)

142 views10:05

Bugpoint

solr_log4j - http://██████████

👉 https://hackerone.com/reports/1631370

🔹 Severity: Critical
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #hachimanxienim
🔹 State: 🟢 Resolved
🔹 Disclosed: September 6, 2022, 7:10pm (UTC)

143 views10:05

Bugpoint

RXSS on █████████

👉 https://hackerone.com/reports/1627616

🔹 Severity: Medium
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #tmz900
🔹 State: 🟢 Resolved
🔹 Disclosed: September 6, 2022, 7:12pm (UTC)

151 views10:06

Bugpoint

Reflected cross site noscripting in https://███████

👉 https://hackerone.com/reports/1636345

🔹 Severity: Medium
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #maskedpersian
🔹 State: 🟢 Resolved
🔹 Disclosed: September 6, 2022, 7:30pm (UTC)

187 views10:06

Bugpoint

Reflected Xss in [██████]

👉 https://hackerone.com/reports/1033253

🔹 Severity: Medium
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #s1m0x1
🔹 State: 🟢 Resolved
🔹 Disclosed: September 6, 2022, 7:32pm (UTC)

200 views10:06

Bugpoint

String length restriction byepass at https://callerfeel.mtnonline.com/profile/feedback.html

👉 https://hackerone.com/reports/1638347

🔹 Severity: High
🔹 Reported To: MTN Group
🔹 Reported By: #aliyugombe
🔹 State: 🟢 Resolved
🔹 Disclosed: September 7, 2022, 8:48am (UTC)

👍1

179 views17:48

Bugpoint

Cleartext storage of sensitive information at https://staging.status.ai-apps-comms.ibm.com/env can lead to account takeover of several IBM employees

👉 https://hackerone.com/reports/1670586

🔹 Severity: Critical
🔹 Reported To: IBM
🔹 Reported By: #zere
🔹 State: 🟢 Resolved
🔹 Disclosed: September 9, 2022, 3:14pm (UTC)

170 views17:49

Bugpoint

CVE-2022-21831: Possible code injection vulnerability in Rails / Active Storage

👉 https://hackerone.com/reports/1652042

🔹 Severity: High | 💰 2,000 USD
🔹 Reported To: Internet Bug Bounty
🔹 Reported By: #gquadros_
🔹 State: 🟢 Resolved
🔹 Disclosed: September 10, 2022, 7:12pm (UTC)

148 views17:49

Bugpoint

Access to arbitrary file of the Nextcloud Android app from within the Nextcloud Android app

👉 https://hackerone.com/reports/1408692

🔹 Severity: Low | 💰 250 USD
🔹 Reported To: Nextcloud
🔹 Reported By: #luchua
🔹 State: 🟢 Resolved
🔹 Disclosed: September 11, 2022, 11:41am (UTC)

149 views17:50

Bugpoint

Signup with any Email and Enable 2-FA without verifying Email

👉 https://hackerone.com/reports/1543259

🔹 Severity: Medium | 💰 350 USD
🔹 Reported To: Cloudflare Public Bug Bounty
🔹 Reported By: #imtheking
🔹 State: 🟢 Resolved
🔹 Disclosed: September 12, 2022, 2:15pm (UTC)

156 views17:51

Bugpoint

Response Manipulation leads to Admin Panel Login Bypass at https://admin.indevice.sonymobile.com/

👉 https://hackerone.com/reports/1508661

🔹 Severity: High
🔹 Reported To: Sony
🔹 Reported By: #0x2374
🔹 State: 🟢 Resolved
🔹 Disclosed: September 12, 2022, 7:00pm (UTC)

164 views17:51

Bugpoint

monerod JSON RPC server remote DoS

👉 https://hackerone.com/reports/1511843

🔹 Severity: Medium
🔹 Reported To: Monero
🔹 Reported By: #m31007
🔹 State: 🟢 Resolved
🔹 Disclosed: September 12, 2022, 9:50pm (UTC)

170 views17:52

Bugpoint

RCE via the DecompressedArchiveSizeValidator and Project BulkImports (behind feature flag)

👉 https://hackerone.com/reports/1609965

🔹 Severity: Critical | 💰 33,510 USD
🔹 Reported To: GitLab
🔹 Reported By: #vakzz
🔹 State: 🟢 Resolved
🔹 Disclosed: September 13, 2022, 4:40am (UTC)

🔥2

169 views18:56

Bugpoint

ReDoS in net/http affects webhooks: Sidekiq job stuck at 100% CPU for a year

👉 https://hackerone.com/reports/1531958

🔹 Severity: Medium | 💰 1,160 USD
🔹 Reported To: GitLab
🔹 Reported By: #afewgoats
🔹 State: 🟢 Resolved
🔹 Disclosed: September 13, 2022, 4:42am (UTC)

181 views18:57

Bugpoint

No Restriction on password

👉 https://hackerone.com/reports/1696814

🔹 Severity: No Rating
🔹 Reported To: GitLab
🔹 Reported By: #patronum-m
🔹 State: 🔴 N/A
🔹 Disclosed: September 13, 2022, 5:02am (UTC)

185 views18:58

Bugpoint

DOS validator nodes of blockchain to block external connections

👉 https://hackerone.com/reports/1695472

🔹 Severity: High | 💰 1,500 USD
🔹 Reported To: Hyperledger
🔹 Reported By: #cre8
🔹 State: 🟢 Resolved
🔹 Disclosed: September 13, 2022, 7:56am (UTC)

168 views02:02

Bugpoint

XSS in http://www.glassdoor.com/Search/results.htm via Parameter Pollution

👉 https://hackerone.com/reports/1632119

🔹 Severity: Medium | 💰 500 USD
🔹 Reported To: Glassdoor
🔹 Reported By: #nokline
🔹 State: 🟢 Resolved
🔹 Disclosed: September 13, 2022, 1:03pm (UTC)

163 views02:02

About

Blog

Apps

Platform