Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

Bykea - HackerOne Reports

View on HackerOne

7

Total Reports

0

Critical

1

High

6

Medium

0

Low

Lack of Feedback Validation Permits Arbitrary Driver Ratings

Reported by: bugbountywithmarco | Disclosed:

Medium

Weakness: Insecure Direct Object Reference (IDOR)

Improper Access Control Allows Trip Hijacking and Passenger/Driver PII Disclosure

Reported by: grassye | Disclosed:

Medium

Weakness: Insecure Direct Object Reference (IDOR)

IDOR on in-app hardcoded zombie endpoint

Reported by: bugbountywithmarco | Disclosed:

Medium

Weakness: Insecure Direct Object Reference (IDOR)

Exposed trip_no in WebSocket Responses Leading to Excessive information Disclosure

Reported by: mrrhacker | Disclosed:

Medium

Weakness: Improper Access Control - Generic

Bypassing Bronze Partner Wallet Restriction to Accept Trips with Negative Balance

Reported by: bugbountywithmarco | Disclosed:

Medium

Weakness: Business Logic Errors

Ability to increase any customer offered fare (BAC)

Reported by: grassye | Disclosed:

Medium

Weakness: Insecure Direct Object Reference (IDOR)

Broken Access Control (IDOR) in Booking Detail and Bids Could Leads to Sensitive Information Disclosure

Reported by: back2arie | Disclosed:

High

Weakness: Insecure Direct Object Reference (IDOR)