Bug report list

Unauthorized access: after downgrading the admin role to "None", the project can still be edited via Burp Suite
Author: zombieesshx Bounty: None https://hackerone.com/reports/1607756
SSRF via Office file thumbnails
Author: ziot Bounty: 4000.0 https://hackerone.com/reports/671935
HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding
Author: zeyu2001 Bounty: None https://hackerone.com/reports/1501679
Weak rate limiting on sign-up, plus email verification
Author: zeesozee Bounty: None https://hackerone.com/reports/1584569
iOS group chat denial of service
Author: yinmo Bounty: 300.0 https://hackerone.com/reports/1701642
Authentication CSRF leading to unauthorized account access in the Krisp app
Author: yassineaboukir Bounty: None https://hackerone.com/reports/1267476
Brute force of the fabric-ca server admin account
Author: xiaoc Bounty: 1500.0 https://hackerone.com/reports/411364
Open redirect vulnerability in Action Pack
Author: wonda_tea_coffee Bounty: 2400.0 https://hackerone.com/reports/1865991
Rails::Html::SafeListSanitizer is vulnerable to XSS in environments where style tags are allowed
Author: windshock Bounty: None https://hackerone.com/reports/1530898
Rails::Html::SafeListSanitizer is vulnerable to XSS in environments where style tags are allowed
Author: windshock Bounty: 2400.0 https://hackerone.com/reports/1599573
Authentication token and CSRF token bypass
Author: whiteshadow201 Bounty: 300.0 https://hackerone.com/reports/998457
Stack buffer overflow via `gmp_sprintf` in `BLSSignature` and `BLSSigShare`
Author: voiddy Bounty: 2500.0 https://hackerone.com/reports/1546935
Stored cross-site scripting at http://www.grouplogic.com/ADMIN/store/index.cfm?fa=disprocode
Author: ub3rsick Bounty: None https://hackerone.com/reports/1164853
Store admin page accessible without authentication at http://www.grouplogic.com/ADMIN/store/index.cfm
Author: ub3rsick Bounty: 250.0 https://hackerone.com/reports/1164854
Reflected cross-site scripting on the ColdFusion debug panel at http://www.grouplogic.com/CFIDE/debug/cf_debugFr.cfm
Author: ub3rsick Bounty: None https://hackerone.com/reports/1166918
Reflected cross-site scripting at http://www.grouplogic.com/files/glidownload/verify3.asp [uppercase filter bypass]
Author: ub3rsick Bounty: None https://hackerone.com/reports/1167034
Unauthorized users can view other users' newsletter subscriptions
Author: tushar6378 Bounty: None https://hackerone.com/reports/1716300
Debug panel exposure
Author: tosun Bounty: None https://hackerone.com/reports/986679
Path traversal in Tomcat server
Author: tosun Bounty: None https://hackerone.com/reports/988877
RXSS on █████████
Author: tmz900 Bounty: None https://hackerone.com/reports/1555582
CRLF injection in Node.js `undici` via host
Author: timon8 Bounty: 600.0 https://hackerone.com/reports/1878489
Domain-level redirect bypass (unvalidated redirects and forwards)
Author: thypon Bounty: None https://hackerone.com/reports/1582160
bd-j vulnerability chain
Author: theflow0 Bounty: 20000.0 https://hackerone.com/reports/1379975
Open redirect found on accounts.brave.com
Author: tabaahi Bounty: 300.0 https://hackerone.com/reports/1338437
The software does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, which makes it more susceptible
Author: suryasnn Bounty: None https://hackerone.com/reports/1591504
SMTP command injection into emails via newlines in iCalendar attachments
Author: spaceraccoon Bounty: None https://hackerone.com/reports/1516377
Disable the xmlrpc.php file
Author: sohelahmed786 Bounty: None https://hackerone.com/reports/712321
speedtest.8x8.com: directory listing enabled
Author: shriyanss Bounty: None https://hackerone.com/reports/1825472
Cards in a deck are readable by any user
Author: shakierbellows Bounty: 825.0 https://hackerone.com/reports/1331728
Path traversal to RCE
Author: saltyyolk Bounty: 12000.0 https://hackerone.com/reports/733072
Stealing private objects of other projects via project import
Author: saltyyolk Bounty: 20000.0 https://hackerone.com/reports/743953
Private objects exposed via project import
Author: saltyyolk Bounty: 20000.0 https://hackerone.com/reports/767770
Path traversal in the NuGet package registry
Author: saltyyolk Bounty: 12000.0 https://hackerone.com/reports/822262
Reflected cross-site scripting (XSS) at https://one.newrelic.com
Author: sairanga Bounty: None https://hackerone.com/reports/1367642
API documentation exposes an active token for the example domain theburritobot.com
Author: sainaen Bounty: 500.0 https://hackerone.com/reports/1507412
Deleting direct message history without access to the correct conversation id
Author: saiful6601 Bounty: 560.0 https://hackerone.com/reports/1487804
Missing rate limiting on the login page and the forgot-password page
Author: saidkira Bounty: None https://hackerone.com/reports/1591764
Brute forcing the current password when disabling 2FA allows guessing the password and disabling 2FA.
Author: sachinrajput Bounty: None https://hackerone.com/reports/1465277
Rate limit bypass on Contact Us via IP Rotator (Burp extension) (https://www.linkedin.com/help/linkedin/solve/contact)
Author: sachinrajput Bounty: None https://hackerone.com/reports/1578121
CSRF account takeover
Author: s3c Bounty: None https://hackerone.com/reports/1253462
Context isolation disabled, node integration used with unauthorized frames.
Author: s1r1u5 Bounty: 2400.0 https://hackerone.com/reports/1647287
Secure view is trivial
Author: rullzer Bounty: 150.0 https://hackerone.com/reports/1724021
Federated editing allows the use of potentially malicious remote devices
Author: rtod Bounty: 100.0 https://hackerone.com/reports/1210424
Registered user contact information disclosure on a Salesforce Lightning endpoint at https://disposal.gsa.gov
Author: rptl Bounty: None https://hackerone.com/reports/1443654
Path traversal leading to local file read on ███████ and ████
Author: rodriguezjorgex Bounty: None https://hackerone.com/reports/1888808
Stored XSS via file name on open at https://partners.line.me/
Author: rioncool22 Bounty: 100.0 https://hackerone.com/reports/1639919
Access to an unauthorized admin page and viewing of the admin password - speakerkit.state.gov
Author: qualw1n Bounty: None https://hackerone.com/reports/1806387
DoS at █████ (CVE-2018-6389)
Author: pwnesec Bounty: None https://hackerone.com/reports/1887996
Golang: hardcoded password used for signing JWTs
Author: porcupineyhairs Bounty: None https://hackerone.com/reports/1595009
Golang: add query to detect PAM authorization errors
Author: porcupineyhairs Bounty: None https://hackerone.com/reports/1597437
XSS by clicking a Jira's link
Author: ooooooo_q Bounty: 1130.0 https://hackerone.com/reports/1194254
2 cache poisoning attack methods affecting core functionality on www.exodus.com
Author: onmouseover_ Bounty: None https://hackerone.com/reports/1581454
CVE-2022-32205: Set-Cookie denial of service
Author: nyymi Bounty: None https://hackerone.com/reports/1569946
CVE-2022-32206: HTTP compression denial of service
Author: nyymi Bounty: None https://hackerone.com/reports/1570651
CVE-2022-32207: Unprotected file permissions
Author: nyymi Bounty: None https://hackerone.com/reports/1573634
Heap overflow via HTTP/2 PUSH_PROMISE
Author: nyymi Bounty: None https://hackerone.com/reports/1589847
CVE-2022-32208: FTP-KRB bad message verification
Author: nyymi Bounty: None https://hackerone.com/reports/1590071
KRB-FTP: security level downgrade
Author: nyymi Bounty: None https://hackerone.com/reports/1590102
CVE-2022-32205: Set-Cookie denial of service
Author: nyymi Bounty: 480.0 https://hackerone.com/reports/1614328
CVE-2022-32206: HTTP compression denial of service
Author: nyymi Bounty: 2400.0 https://hackerone.com/reports/1614330
CVE-2022-32207: Unprotected file permissions
Author: nyymi Bounty: 2400.0 https://hackerone.com/reports/1614331
CVE-2022-32208: FTP-KRB bad message verification
Author: nyymi Bounty: 480.0 https://hackerone.com/reports/1614332
Email address disclosure via invitation token verification
Author: noob_but_cut3 Bounty: 250.0 https://hackerone.com/reports/1560072
Broken access control
Author: nayefhamouda Bounty: None https://hackerone.com/reports/1539426
Enrolling against a CA that returns an empty response crashes the Node process
Author: mttrbrts Bounty: 500.0 https://hackerone.com/reports/506412
Redirect in the Repeater and Intruder tabs
Author: mr_vrush Bounty: 150.0 https://hackerone.com/reports/1541301
CVE-2023-23919: Multiple OpenSSL error-handling issues in the Node.js crypto library
Author: mj0nes-vsat Bounty: 1800.0 https://hackerone.com/reports/1877977
Reflected XSS at https://stories.showmax.com/wp-content/themes/theme-internal_ss/blocks/ajax/a.php via andss_ country_
Author: miron666 Bounty: 150.0 https://hackerone.com/reports/1663202
Improper access control on MediaWiki allows an attacker to restart the installation on a DoD asset
Author: miguel_santareno Bounty: None https://hackerone.com/reports/1804174
Bypass of enforced password protection via the Circles app
Author: michag86 Bounty: 100.0 https://hackerone.com/reports/1406926
Moderator can remotely enable cam/mic if the cam/mic permission was disabled while the user had cam/mic active
Author: michag86 Bounty: 100.0 https://hackerone.com/reports/1520685
HTML injection in email
Author: mega7 Bounty: None https://hackerone.com/reports/1536899
Read-only admin can change agent update settings
Author: mega7 Bounty: 200.0 https://hackerone.com/reports/1538004
Reflected XSS via the `████████` parameter
Author: mdakh404 Bounty: None https://hackerone.com/reports/1536215
Remote 0-click exfiltration of Safari users' IP addresses
Author: max2x Bounty: 560.0 https://hackerone.com/reports/1392211
Sign in with Apple works on existing accounts, bypassing 2FA
Author: mattipv4 Bounty: 1000.0 https://hackerone.com/reports/1593404
Sign in with Apple generates long-lived JWTs that appear to be non-revocable and grant immediate account access
Author: mattipv4 Bounty: 250.0 https://hackerone.com/reports/1593413
Match
Author: maslahhunter Bounty: None https://hackerone.com/reports/1555440
CSRF (protection bypass) forces users under 18 to view NSFW subreddits!
Author: marvelmaniac Bounty: None https://hackerone.com/reports/1480569
Chat room member disclosure via the autocomplete API
Author: lukasreschke Bounty: None https://hackerone.com/reports/1850407
Add more seats for less money by manipulating the PUT /v2/seats request
Author: life__001 Bounty: 500.0 https://hackerone.com/reports/1446090
Exposure of a valid GitLab Workhorse JWT leads to various bad things
Author: ledz1996 Bounty: 10000.0 https://hackerone.com/reports/1040786
Missing ownership check when updating or deleting attachments
Author: kesselb Bounty: None https://hackerone.com/reports/1579820
PHP object injection -> building a custom gadget chain -> RCE
Author: karezma Bounty: None https://hackerone.com/reports/1820492
Privilege escalation in Dovecot when similar passdbs are used
Author: julezman Bounty: 900.0 https://hackerone.com/reports/1561579
June 2022 incident report
Author: jobert Bounty: None https://hackerone.com/reports/1622449
Ability to escape database transactions via SQL injection, leading to arbitrary code execution
Author: jobert Bounty: None https://hackerone.com/reports/1663299
Users below Developer access can accept "external status checks" if they are the author or assignee of the target merge request
Author: joaxcar Bounty: 610.0 https://hackerone.com/reports/1375393
Stored XSS on issue comments and other pages containing comments
Author: jarij Bounty: 3000.0 https://hackerone.com/reports/1398305
curl "globbing" can lead to a denial of service attack
Author: iylz Bounty: None https://hackerone.com/reports/1572120
CPP: add query for CWE-243, creation of a chroot jail without changing the working directory
Author: ihsinme Bounty: 1000.0 https://hackerone.com/reports/1582697
SSRF bypassing the whitelist to perform internal host scanning
Author: hollaatm3 Bounty: None https://hackerone.com/reports/1747596
CVE-2022-27779: cookie for trailing dot TLD
Author: haxatron1 Bounty: 2400.0 https://hackerone.com/reports/1565615
CVE-2022-27780: percent-encoded path separator in URL host
Author: haxatron1 Bounty: 2400.0 https://hackerone.com/reports/1565619
CVE-2022-30115: HSTS bypass via trailing dot
Author: haxatron1 Bounty: 2400.0 https://hackerone.com/reports/1565622
xmlrpc file enabled
Author: happykira0x1 Bounty: None https://hackerone.com/reports/1575401
WordPress user disclosure (/wp-json/wp/v2/users/)
Author: hammodmt Bounty: None https://hackerone.com/reports/1663363
Misconfigured login page allows locking any account out of login without user interaction
Author: h1ugroon Bounty: None https://hackerone.com/reports/1582778
Insecure randomness of default passwords in file sharing when the password policy app is disabled
Author: gorei Bounty: None https://hackerone.com/reports/1745702
Ingress-nginx path allows retrieval of the ingress-nginx serviceaccount token
Author: gaffy Bounty: 2500.0 https://hackerone.com/reports/1382919
RCE vulnerability in Hyperledger Fabric SDK for Java
Author: freskimo Bounty: 200.0 https://hackerone.com/reports/801370
Users can link non-public file attachments, causing the file to be leaked when edited by a higher-privileged user
Author: foobar7 Bounty: 500.0 https://hackerone.com/reports/763177
Remote denial of service in Hyperledger Fabric
Author: fatal0 Bounty: 1500.0 https://hackerone.com/reports/1604951
SQL injection via https://setup.p2p.ihost.com/
Author: exploitmsf Bounty: None https://hackerone.com/reports/1567516
CSRF bypass on the logout endpoint
Author: er_salil Bounty: None https://hackerone.com/reports/1091403
Missing rate limiting when joining a video call in the password-protected call section
Author: error2001 Bounty: 250.0 https://hackerone.com/reports/1596673
[Critical] Full account takeover without user interaction in the Sign in with Apple flow
Author: emanelyazji Bounty: None https://hackerone.com/reports/1639802
GitLab token theft using service workers
Author: ehhthing Bounty: 1680.0 https://hackerone.com/reports/1439552
Blind User-Agent SQL injection to blind remote OS command execution on █████████
Author: echidonut Bounty: None https://hackerone.com/reports/1339430
Twitter account hijack @nextcloudfrance
Author: devokta Bounty: None https://hackerone.com/reports/1916565
Integer overflow in unescape_word()
Author: ddme Bounty: None https://hackerone.com/reports/1564922
Disclosure of live_analytics information for any livestream.
Author: datph4m Bounty: None https://hackerone.com/reports/1561299
All users' password hashes are visible from the admin panel
Author: dark_haxor Bounty: None https://hackerone.com/reports/1489892
Arbitrary file download via the "Save .torrent file" option may lead to client RCE and XSS
Author: d3f4u17 Bounty: 200.0 https://hackerone.com/reports/963155
Redirecting users to malicious torrent files/websites using WebTorrent
Author: d3f4u17 Bounty: 200.0 https://hackerone.com/reports/968328
Improper redirect handling in WebTorrent leads to arbitrary file download
Author: d3f4u17 Bounty: 150.0 https://hackerone.com/reports/975514
HTTP PUT method enabled on downloader.ratelimited.me
Author: codeslayer137 Bounty: None https://hackerone.com/reports/545136
Anonymous access control - payment status
Author: codeslayer137 Bounty: 100.0 https://hackerone.com/reports/1546726
GitHub account takeover from the docs page of `kubernetes-csi.github.io`
Author: codermak Bounty: None https://hackerone.com/reports/1434967
Credential leak when using two URLs
Author: chen172 Bounty: None https://hackerone.com/reports/1569926
Many commands can be manipulated to remove identities or affiliations
Author: cet2000 Bounty: 500.0 https://hackerone.com/reports/348090
Bypass to create API tokens without email verification
Author: boy_child_ Bounty: None https://hackerone.com/reports/1812705
Cache Deception Armor bypass using .avif extension files
Author: bombon Bounty: 500.0 https://hackerone.com/reports/1391635
Full server installation path visible in the cloud/user endpoint
Author: bohwaz Bounty: None https://hackerone.com/reports/1690510
TOTP 2FA lacks brute-force protection
Author: bncrypted Bounty: 750.0 https://hackerone.com/reports/1265709
Arbitrary read of all SVG files on the Nextcloud server
Author: bncrypted Bounty: 1250.0 https://hackerone.com/reports/1302155
Ability to approve admin approval and change the active status without adding payment details.
Author: bisesh Bounty: 5000.0 https://hackerone.com/reports/1543159
fix: (security) mitigate path traversal bug
Author: bhaskar_ram Bounty: 200.0 https://hackerone.com/reports/1635321
fix(security): path traversal bug
Author: bhaskar_ram Bounty: None https://hackerone.com/reports/1664244
IDOR allows reading another user's token on the social media ads service
Author: a_d_a_m Bounty: None https://hackerone.com/reports/1464168
The xmlrpc.php file is enabled. It can be used for brute force attacks and denial of service (DoS)
Author: anonymmert12 Bounty: None https://hackerone.com/reports/1622867
Ingress-nginx annotation injection allows retrieval of the ingress-nginx serviceaccount token and secrets across all namespaces
Author: amlweems Bounty: 2500.0 https://hackerone.com/reports/1378175
Cross-site scripting: mtn.bj
Author: alimanshester Bounty: None https://hackerone.com/reports/1264834
HTTP request smuggling via raw rules using newlines in the host_header action parameter
Author: albertspedersen Bounty: 3100.0 https://hackerone.com/reports/1575912
Race condition in the project team member invitation system.
Author: akashhamal0x01 Bounty: None https://hackerone.com/reports/1108291
IDOR on TikTok Seller
Author: aidilarf_2000 Bounty: 500.0 https://hackerone.com/reports/1509057
Stored XSS on the TikTok Live form
Author: aidilarf_2000 Bounty: 1500.0 https://hackerone.com/reports/1542703
XSS payload on a TikTok Seller Center endpoint
Author: aidilarf_2000 Bounty: 1000.0 https://hackerone.com/reports/1554048
Unauthenticated, unauthorized access to an internal server panel
Author: ahmd_halabi Bounty: None https://hackerone.com/reports/1548067
Browser does not follow the correct redirect flow, leading to an open redirect
Author: abhinavsecondary Bounty: 500.0 https://hackerone.com/reports/1579374
Admin authentication bypass leading to admin account takeover
Author: 7odamo Bounty: None https://hackerone.com/reports/1490470
Reflected XSS on https://wwwapps.ups.com/ctc/request?loc=
Author: 3amoura Bounty: None https://hackerone.com/reports/1536461
Multiple subdomain takeovers
Author: 3amii Bounty: None https://hackerone.com/reports/1591085
Reflected XSS in ██████
Author: 0xd3adc0de Bounty: None https://hackerone.com/reports/1873655
Reflected XSS on https://www.glassdoor.com/parts/header.htm
Author: 0x7 Bounty: None https://hackerone.com/reports/1073712
Reflected XSS on https://help.glassdoor.com/gd_requestsubmitpage
Author: 0x7 Bounty: None https://hackerone.com/reports/1094224
Open redirect on https://www.glassdoor.com/profile/siwa.htm via the state parameter
Author: 0x7 Bounty: None https://hackerone.com/reports/1097208
Admin panel exposed without credentials at https://plus-website.shopifycloud.com/admin.php
Author: 0x50d Bounty: 2900.0 https://hackerone.com/reports/1417288
Hyperlink injection on sign-up
Author: 011alsanosi Bounty: None https://hackerone.com/reports/1166073