
HackerOne Reports

Search through disclosed security reports

10,350 reports found
Showing 1141 - 1160
Hey, I noticed when monitoring the websocket requests that the account information of many users, including email address, is sent to the client. For example: ``` ██████ ██████████ █████████ ████████ ███████ ``` There's hundreds of these requests, each containing user information. Please let me know if this is meant to …
Hiii THERE **Vulnerability Title** There are a few email spoofing tools available for free. One of them is http://emkei.cz/ **Description** When I tried to send an email from [email protected] to my email, it was successful, but when I tried to send another from [email protected], I did not receive any email. There …
Your subdomains are pointing to an unconfigured Heroku app. You should immediately remove the DNS entry. Anyone can claim that domain; please read the advisory below. ::: Nslookup of Subdomains Not Claimed ::::: i) 0x00hack3r@pirateking:~ % nslookup bugs.instacart.com Server: 192.168.1.11 Address: 192.168.1.11#53 Non-authoritative answer: bugs.instacart.com canonical name = akita-7862.herokussl.com. akita-7862.herokussl.com …
In ```or/buffer.s.c```: ```c /** Return the allocation size we'd like to use to hold <b>target</b> * bytes. */ static inline size_t preferred_chunk_size(size_t target) { size_t sz = MIN_CHUNK_ALLOC; while (CHUNK_SIZE_WITH_ALLOC(sz) < target) { sz <<= 1; } return sz; } ``` ```c #define MIN_CHUNK_ALLOC 256 #define CHUNK_SIZE_WITH_ALLOC(memlen) ((memlen) - CHUNK_HEADER_LEN) …
Title: CORS (Cross-Origin Resource Sharing) Category: Others Affected URL: https://app.legalrobot.com/sockjs/info?cb=pcgb37npst Description: The application implements an HTML5 cross-origin resource sharing (CORS) policy for this request which allows access from any domain. Allowing access from all domains means that any domain can perform two-way interaction with the application via this request. Unless …
Hey **legalRobot!** I have found a **Click Jacking type** of vulnerability in your website. Now the question is: what is **Click Jacking**? **Click Jacking** (User Interface redress attack, UI redress attack, UI redressing) is a malicious technique of tricking a Web user into clicking on something different from what the user …
This bug was reported directly to GitHub Security Lab.
The SabreDAV plugin `\OCA\DAV\CardDAV\ImageExportPlugin` is used for displaying pictures of a VCF. It registers on a GET request on a CardDAV element and acts when the query parameter `photo` is sent. The logic can be seen below: ``` /** * Intercepts GET requests on addressbook urls ending with ?photo. * …
__Hello Team,__ #### Description: > This report is about an interesting scenario where a user's password can be stolen during the password reset process due to a weird user-controlled redirection that takes place after the password reset process. By accepting the fact that URL redirect is not in scope for Uber but …
Description: It is observed that the insecure transport security protocol (TLS 1.0) is supported by your web server. TLS 1.0 has several flaws. An attacker can cause connection failures, and they can trigger the use of TLS 1.0 to exploit vulnerabilities like BEAST. Websites using TLS 1.0 will be considered non-compliant …
Hi, I found a vulnerability in www.gratipay.com **Steps to reproduce:** 1. Log in to Gratipay using any social account which does not provide the email to Gratipay. 2. In my case I used twitter.com; I got the message from Gratipay that no email ID is associated with this account. 3. Click …
**1.** The first report concerns an AWS S3 bucket readable by authenticated AWS users, the same as this report #163476. The bucket is **sdk.amazonaws.com**; I believe it's yours because I found it in a HEAD request to https://app.legalrobot.com/ : F115189 Listing the bucket: 115190 I don't have …
Clickjacking (User Interface redress attack, UI redress attack, UI redressing) is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their computer while clicking on seemingly innocuous web …
I would like to inform you that the SSL certificate for www.nextcloud.org expired at: >24. August 2016 15:03 Thanks.
Hi, While this doesn't fall directly under the Program scope, I feel that the subject of this report is directly connected to the primary Legal Robot web properties and would like to inform your team in case this was a misconfiguration concern. I noticed that **legalrobot.amazonaws.com** is configured to display …
ysx
Hi, I found out that you are using WordPress version 4.5.3. Researchers found out 5 days ago that this version has a vulnerability, a path traversal in WordPress Core Ajax handlers. _Intro_ WordPress is web software that can be used to create a website, blog, or app. A path traversal …
- The Content Security Policy header is used to allow only source code from the domains mentioned in its list to execute in the application. By using this we can restrict which code executes in the application, whether it is written by the developer or by a hacker. - Since the application contains no such header, I am …
**PoC** ``` https://skyliner.io//blackfan.ru/ https://qa.skyliner.io//blackfan.ru/ ``` **HTTP Response** ``` HTTP/1.1 301 Moved Permanently Content-Length: 0 Connection: close Date: Wed, 24 Aug 2016 17:30:39 GMT Location: //blackfan.ru ``` https://cwe.mitre.org/data/definitions/601.html
Hi, This issue is the same as #128121 reported by a5tronaut. He reported some of the usernames for restriction and you applied the check only for those usernames. I think the username restriction should be applied for all the usernames that are used for a directory or a link in Gratipay. a5tronaut mentioned the …