Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

8x8 - HackerOne Reports

View on HackerOne

70

Total Reports

6

Critical

20

High

27

Medium

17

Low

Send Phishing/Spam email from [email protected] to any email address.

Reported by: wisp | Disclosed:

High

Weakness: Improper Input Validation

[CRITICAL] Sql Injection on http://axa.dxi.eu

Reported by: madrobot | Disclosed:

Critical

Weakness: SQL Injection

Xss (cross site scripting) on http://axa.dxi.eu/

Reported by: madrobot | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Reflected

Reflected XSS on http://axa.dxi.eu

Reported by: madrobot | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Reflected

Open Redirect on https://██.8x8.com/login?nextPage=%2F

Reported by: 0x7v | Disclosed:

Low

Weakness: Open Redirect

Blind Command Injection #1

Reported by: bugify12334 | Disclosed:

High

Weakness: Command Injection - Generic

Post based XSS (Cross site scripting) on https://apimgr.8x8.com

Reported by: madrobot | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Generic

[CRITICAL] Remote code execution on http://axa.dxi.eu

Reported by: madrobot | Disclosed:

Critical

Weakness: Code Injection

████ api key exposed in github.com/███/███

Reported by: adnanmalikinfo | Disclosed:

High

Weakness: Cleartext Storage of Sensitive Information

Stored XSS agent_status

Reported by: madrobot | Disclosed:

High

Weakness: Cross-site Scripting (XSS) - Stored

Unprotected Atlantis Server at https://152.70.█.█

Reported by: ahmadzuriqi3 | Disclosed:

Medium

Weakness: Improper Authentication - Generic

DNS Misconfiguration (Subdomain Takeover) ███████.8x8.com

Reported by: melbadry9 | Disclosed:

High

Weakness: Privilege Escalation

Bypass Email activation on http://axa.dxi.eu

Reported by: madrobot | Disclosed:

High

Weakness: Improper Access Control - Generic

Default credentials lead to Spring Boot Admin dashboard access

Reported by: sparroww | Disclosed:

Medium

Weakness: Information Disclosure

DNS Misconfiguration (Subdomain Takeover) ███.wavecell.com

Reported by: melbadry9 | Disclosed:

High

Weakness: Privilege Escalation

xmlrpc.php file enabled

Reported by: p4nk4jv | Disclosed:

Medium

Weakness: Server-Side Request Forgery (SSRF)

(Critical) Remote Code Execution Through Old TinyMCE upload bypass

Reported by: konqi | Disclosed:

High

Weakness: Code Injection

speedtest.8x8.com: Enabled Directory Listing

Reported by: shriyanss | Disclosed:

Low

Weakness: Information Exposure Through Directory Listing

Directory Listing at https://█.█.█.█

Reported by: shuvam321 | Disclosed:

Low

Weakness: File and Directory Information Exposure

Hardcoded credentials in Android App

Reported by: madrobot | Disclosed:

High

Weakness: Information Disclosure

Page 1 of 4 Next