HackerOne Reports

Search through disclosed security reports

**Description:** Hello Team, I have come across a SQL injection vulnerability on www.██████ in the countID parameter. I was able to retrieve the banner, which is > Microsoft SQL Server 2008 R2 (SP3) - 10.50.6220.0 (X64& Mar 19 2015 12:32:14 Copyright (c) Microsoft Corporation Standard Edition (64-bit) on Windows NT 6.3 …
## Summary: Anyone can issue a PURGE request for any resource and invalidate your caches. That can lead to increased bandwidth costs but also potential Denial of Service attacks. ## Steps To Reproduce: 1. Fetching the resource headers, we can see in the X-Cache that the resource was a HIT …
This bug was reported directly to GitHub Security Lab.
## Summary: A CRLF Injection attack occurs when a user manages to submit a CRLF into an application. This is most commonly done by modifying an HTTP parameter or URL. ## Steps To Reproduce: Navigate to this URL █████: ``` ┌──(azab㉿kali)-[~] └─$ curl -i ███████ HTTP/1.1 307 Temporary Redirect Date: …
## Description: Users can reply to private message threads which they are not participants of by changing the `thread_id` parameter in the `messages_send_reply` ajax action. This affects both the Legacy and Nouveau Template packs. ## Steps To Reproduce: 1. Login to your account 2. Send the following request (change `Host`/`Cookie`/`nonce`/`thread_id` …
I would like to report [Stored XSS] in [dy-server2]. It allows stealing session cookies, defacing the web page, and executing arbitrary JavaScript code. # Module **module name:** dy-server2 **version:** dy-server2 **npm page:** `https://www.npmjs.com/package/dy-server2` ## Module Description > This is a lightweight HTTP server that can be used for file transfer and front-end project preview. ## Module Stats > Replace stats below with numbers from npm’s module page: …
## Summary: In Chrome, when extensions are auto-updated, if the permissions change, the extension is preventatively disabled and the user has to confirm they wish to re-enable it with the additional permissions. While it appears Brave has a functioning Extension auto-updater (e.g. for the PDF extension), a simulation of an …
I would like to report an `RCE` issue in the `tree-kill` module. It allows executing `arbitrary commands remotely inside the victim's PC`. # Module **module name:** `tree-kill` **version:** `1.2.1` **npm page:** `https://www.npmjs.com/package/tree-kill` ## Module Description > Kill all processes in the process tree, including the root process. ## Module …
This bug was reported directly to GitHub Security Lab.
### Summary A blocked user does not have the ability to utilise Git client operations, GitLab UI access or API access. However, a blocked user can still use Git clone/Git pull client commands if they are able to obtain a CI/CD token before being blocked. This allows them to access projects …