HackerOne Reports
Search through disclosed security reports
10,350 reports found
Showing 561 - 580
##Description During poking around `█████████/24` range - █████ looking for the Cisco devices, I came across `█████` which resolved to the https://██████/ While it's a not `.mil` host, it's likely related to the DoD since it hosted in the DoD-controlled ASN. I discovered few critical vulnerabilities here, one of them …
Hello, favorite security team. This is so far most interesting XSS i've found on your website. And also this is 10th bug i report you, so im gonna celebrate. **Summary:** Via hardcoded front-end code in algo debugger one is able to execute XSS on algorithm collaborator. One is able to …
Hi! [CVE-2017-1000112](https://nvd.nist.gov/vuln/detail/CVE-2017-1000112) is a vulnerability I found in the Linux kernel caused by a UFO to non-UFO path switch for UFO packets. It can be exploited to gain kernel code execution from an unprivileged process. This vulnerability was reported to [email protected] and linux-distros@ following the coordinated disclosure process and then …
Hello, I found one public Firebase database of periscope.tv and I can able to insert data to this database and i only used it once for the testing purposes, so other database queries also possible. Please follow the below link to check the inserted test data. ###Periscope-all Firebase URL :- …
## Summary: The `flip` contract allows for the MCD system to auction collateral in exchange for DAI. A lack of validation in the method `flip.kick` allows an attacker to create an auction with a fake bid value. Since the `end` contract trusts that value, it can be exploited to issue …
##Description Hello. I was able to identify another one Cisco TelePresence SX80 device located on the https://████████ right near the previous device `████` (after #684070 report I decided to check ████* range) According to the IP Info: https://ipinfo.io/AS257/████0/24 it belongs to ASN with ID ``` AS257 ███ ``` The mentioned …
##Description Hello. I was able to identify Cisco TelePresence SX80 device located on the https://█████ According to the IP Info: https://ipinfo.io/████████it belongs to ASN with ID ``` ███████ ``` so it's likely in scope of the program. The mentioned instance has default credentials `████` ##POC https://███████ Login with `█████████` ████ …
##Description During poking around `██████.00/24` range - ██████████ looking for the Cisco devices, I came across `███` which resolved to the https://███████.edu/ While it's a not `.mil` host, it's likely related to the DoD since it hosted in the DoD-controlled ASN. I discovered few critical vulnerabilities here, one of them …
Hey , I'm Jamal in this report i want to show you a Vulnerability Found It In basic-google-maps-placemarks Pugin Description: [#] Title : Path Disclosure Vulnerability [#] Status : Unfixed [#] Tested on : Firefox [#] Author : Jamal Eddine [#] Email : [email protected] [#] Discovered : 2014/05/04 [#] Report …
https://bugs.php.net/bug.php?id=71906 Memory corruption issue on mbstring extension, issue reported to PHP developers on 2016-03-26, fixed 2016-03-29 and released at 2016-03-31, affected PHP 5.5 , PHP 5.6 and PHP 7. http://php.net/ChangeLog-5.php#5.5.34 http://php.net/ChangeLog-5.php#5.6.20 http://php.net/ChangeLog-7.php#7.0.5
I want to report a xss bug. On apps.twitter.com I logged in and start with new app. In new app there is a feild: website: where user has to gave website of app. I just put javascript:alert(8007) pay load and popup appears.
I can able to add a email address to 255 character or more,as per RFC the maximum length allowed for an email address is 255 characters. For more info : http://stackoverflow.com/questions/386294/what-is-the-maximum-length-of-a-valid-email-address/574698#574698 related report: https://hackerone.com/reports/28632
An attacker can deface various pages on catalog.data.gov, leading to them executing malicious JavaScript when visited by a normal user. The root problem is that the server trusts the X-Forwarded-Host HTTP header, and uses this to populate the 'data-site-root' and 'data-locale-root' attributes on the <body tag. Some JavaScript then fetches …
## Summary: Good day team, I found another improper access control flaw in Ali Express Review Importer that can be used to view all and any existing reviews in Judge.Me app. This is similar to my other reports #1450807 and #1382652. Basically the same bug with #1450807 just on a …
## Summary: It is a vulnerability which can prove to be critical when misused by attackers ,rate limit is a flaw that doesn't limit the no. of attempts one makes on a website server. this vulnerability makes the website more susceptible to brute force the username while keeping the password …
Hi, I was looking at https://monitoring.prow-canary.k8s.io Grafana webapp. I'm not sure if it is for demo purposes, but I can access the main dashboard and view all graphs. `https://monitoring.prow-canary.k8s.io/dashboards` If indeed it is for demo purposes, please let me close the report myself. looking forward to hearing from you Thank …
## Summary: The endpoint /graphql has a vulnerable query operation named "search", that can I send a Regex malformed parameter, in order to trick the original regular expression to a regex bomb expression. + Payload with a "common" search, querying the value "AAA": ``` query a { search(q: "AAA", lang: …