NEW BOT Телеграм, страница

Bugpoint

Unprotected ██████ and Test site API Exposes Documents, Credentials, and Emails in ██████████ Proposal System

👉 https://hackerone.com/reports/745171

🔹 Severity: High
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #byteone
🔹 State: 🟢 Resolved
🔹 Disclosed: September 14, 2022, 8:40pm (UTC)

129 views02:03

Bugpoint

Full read SSRF at █████████ [HtUS]

👉 https://hackerone.com/reports/1628102

🔹 Severity: High | 💰 500 USD
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #sudi
🔹 State: 🟢 Resolved
🔹 Disclosed: September 14, 2022, 8:52pm (UTC)

133 views02:03

Bugpoint

an internel important paths disclosure [HtUS]

👉 https://hackerone.com/reports/1631471

🔹 Severity: Medium
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #ahmed0x0mahmoud
🔹 State: 🟢 Resolved
🔹 Disclosed: September 14, 2022, 8:54pm (UTC)

134 views02:03

Bugpoint

SSRF in Functional Administrative Support Tool pdf generator (████) [HtUS]

👉 https://hackerone.com/reports/1628209

🔹 Severity: Critical | 💰 4,000 USD
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #codeprivate
🔹 State: 🟢 Resolved
🔹 Disclosed: September 14, 2022, 9:00pm (UTC)

135 views02:03

Bugpoint

SQL injection at [https://█████████] [HtUS]

👉 https://hackerone.com/reports/1627995

🔹 Severity: Critical | 💰 1,000 USD
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #malcolmx
🔹 State: 🟢 Resolved
🔹 Disclosed: September 14, 2022, 9:04pm (UTC)

141 views02:19

Bugpoint

SQL injection at [█████████] [HtUS]

👉 https://hackerone.com/reports/1626198

🔹 Severity: Critical | 💰 1,000 USD
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #malcolmx
🔹 State: 🟢 Resolved
🔹 Disclosed: September 14, 2022, 9:06pm (UTC)

147 views02:19

Bugpoint

time based SQL injection at [https://███] [HtUS]

👉 https://hackerone.com/reports/1627970

🔹 Severity: Critical | 💰 1,000 USD
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #malcolmx
🔹 State: 🟢 Resolved
🔹 Disclosed: September 14, 2022, 9:10pm (UTC)

🔥1

159 views02:20

Bugpoint

STORED XSS in █████████/nlc/login.aspx via "edit" GET parameter through markdown editor [HtUS]

👉 https://hackerone.com/reports/1631447

🔹 Severity: High
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #shreky
🔹 State: 🟢 Resolved
🔹 Disclosed: September 14, 2022, 9:13pm (UTC)

171 views02:20

Bugpoint

No validation to Image upload user can upload ( php APK zip files and can be used as storage purpose)

👉 https://hackerone.com/reports/1644062

🔹 Severity: Medium | 💰 750 USD
🔹 Reported To: Linktree
🔹 Reported By: #bug_vs_me
🔹 State: 🟢 Resolved
🔹 Disclosed: September 15, 2022, 5:38am (UTC)

186 views02:20

Bugpoint

[hta3] Remote Code Execution on https://███ via improper access control to SCORM Zip upload/import

👉 https://hackerone.com/reports/1122791

🔹 Severity: Critical | 💰 2,000 USD
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #cdl
🔹 State: 🟢 Resolved
🔹 Disclosed: September 15, 2022, 1:28pm (UTC)

👍1

211 views02:23

Bugpoint

store internal email disclosed through shopify-data-exporter

👉 https://hackerone.com/reports/1605962

🔹 Severity: Medium | 💰 500 USD
🔹 Reported To: Shopify
🔹 Reported By: #xenx
🔹 State: 🟢 Resolved
🔹 Disclosed: September 15, 2022, 7:21pm (UTC)

211 views02:23

Bugpoint

Information exposure in in guzzlehttp/guzzle (https://github.com/nextcloud/3rdparty/tree/master/guzzlehttp/guzzle)

👉 https://hackerone.com/reports/1604606

🔹 Severity: Low
🔹 Reported To: Nextcloud
🔹 Reported By: #ro0telqayser
🔹 State: 🟢 Resolved
🔹 Disclosed: September 16, 2022, 2:52am (UTC)

221 views06:09

Bugpoint

Last video frame is still sent after video is disabled in a call

👉 https://hackerone.com/reports/1641088

🔹 Severity: Medium
🔹 Reported To: Nextcloud
🔹 Reported By: #daniel_calvino_sanchez
🔹 State: 🟢 Resolved
🔹 Disclosed: September 16, 2022, 4:52am (UTC)

258 views06:09

Bugpoint

SSRF via potential filter bypass with too lax local domain checking

👉 https://hackerone.com/reports/1608039

🔹 Severity: Low
🔹 Reported To: Nextcloud
🔹 Reported By: #tomorrowisnew_
🔹 State: 🟢 Resolved
🔹 Disclosed: September 16, 2022, 5:00am (UTC)

290 views06:09

Bugpoint

XSS in www.glassdoor.com

👉 https://hackerone.com/reports/1695989

🔹 Severity: Medium | 💰 500 USD
🔹 Reported To: Glassdoor
🔹 Reported By: #seifelsallamy
🔹 State: 🟢 Resolved
🔹 Disclosed: September 16, 2022, 8:10pm (UTC)

331 views23:25

Bugpoint

Airflow Daemon Mode Insecure Umask Privilege Escalation

👉 https://hackerone.com/reports/1690093

🔹 Severity: Medium | 💰 2,400 USD
🔹 Reported To: Internet Bug Bounty
🔹 Reported By: #nyymi
🔹 State: 🟢 Resolved
🔹 Disclosed: September 17, 2022, 12:23pm (UTC)

331 views18:35

Bugpoint

HTML Injection in email via Name field

👉 https://hackerone.com/reports/1581499

🔹 Severity: Low | 💰 500 USD
🔹 Reported To: HackerOne
🔹 Reported By: #mega7
🔹 State: 🟢 Resolved
🔹 Disclosed: September 18, 2022, 9:24am (UTC)

328 views01:26

Bugpoint

There is no rate limit for SME REGISTRATION PORTAL

👉 https://hackerone.com/reports/1305766

🔹 Severity: No Rating
🔹 Reported To: MTN Group
🔹 Reported By: #sachinrajput
🔹 State: 🟢 Resolved
🔹 Disclosed: September 19, 2022, 5:41am (UTC)

331 views06:04

Bugpoint

CORS Misconfiguration on vanillaforums.com

👉 https://hackerone.com/reports/1527555

🔹 Severity: Medium | 💰 150 USD
🔹 Reported To: Vanilla
🔹 Reported By: #admin0x00
🔹 State: 🟢 Resolved
🔹 Disclosed: September 20, 2022, 4:34pm (UTC)

307 views18:22

Bugpoint

Use-after-free in setsockopt IPV6_2292PKTOPTIONS (CVE-2020-7457)

👉 https://hackerone.com/reports/1441103

🔹 Severity: High | 💰 10,000 USD
🔹 Reported To: PlayStation
🔹 Reported By: #theflow0
🔹 State: 🟢 Resolved
🔹 Disclosed: September 20, 2022, 9:16pm (UTC)

👍1

293 views10:21

Bugpoint

IDOR on Tagged People

👉 https://hackerone.com/reports/1555376

🔹 Severity: Medium | 💰 3,000 USD
🔹 Reported To: TikTok
🔹 Reported By: #apapedulimu
🔹 State: 🟢 Resolved
🔹 Disclosed: September 20, 2022, 10:17pm (UTC)

👏1

278 views13:47

About

Blog

Apps

Platform