Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

BOHEMIA INTERACTIVE a.s. - HackerOne Reports

View on HackerOne

7

Total Reports

1

Critical

1

High

2

Medium

0

Low

(Possible) staff account takeover via reset token bruteforce at helpdesk.bistudio.com

Reported by: europa | Disclosed:

Critical

Weakness: Weak Password Recovery Mechanism for Forgotten Password

Weak Password Policy on Signup at https://accounts.bistudio.com/auth

Reported by: hack2684 | Disclosed:

Weakness: Violation of Secure Design Principles

Stealing Users OAUTH Tokens via redirect_uri

Reported by: ethancruize | Disclosed:

Medium

Weakness: Improper Authentication - Generic

Clickjacking at ylands.com

Reported by: kryptomon | Disclosed:

Medium

Weakness: UI Redressing (Clickjacking)

Bounty: $80.00

217.147.95.145 NFS Exposed with Zeus Server configs

Reported by: meals | Disclosed:

IDOR to view User Order Information

Reported by: meals | Disclosed:

High

Apache Server Version Disclousure

Reported by: mazmur | Disclosed:

Weakness: Information Disclosure