Azbuka Vkusa - HackerOne Reports
Total Reports: 9
Critical: 2
High: 3
Medium: 4
Low: 0
IDOR - Other user's delivery address disclosed
Reported by: sachin_kr
Severity: High
Weakness: Insecure Direct Object Reference (IDOR)
Open redirect (DOM-based) on av.ru via "return_url" parameter (Login form)
Reported by: zophi
Severity: Medium
Weakness: Open Redirect
Corporate Jira credentials disclosed in public gist
Reported by: mkhazov
Severity: High
Weakness: Information Disclosure
Reflected XSS on av.ru via `q` parameter at https://av.ru/collections/*
Reported by: ronr
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Reflected
Endpoint without access control leads to order informations and status changes
Reported by: cabelo
Severity: Critical
Weakness: Information Disclosure
Cisco Smart Install misconfiguration
Reported by: kerbyj
Severity: Critical
Weakness: Misconfiguration
Unauthorized access to choice.av.ru control panel
Reported by: takeyourheart
Severity: Medium
Weakness: Missing Authorization
Leak of Google Sheets API credentials
Reported by: adsec2s
Severity: High
Weakness: Cleartext Transmission of Sensitive Information
Reflected XSS in photogallery component on [https://market.av.ru]
Reported by: haxta4ok00
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Reflected