Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

U.S. Dept Of Defense - HackerOne Reports

View on HackerOne

829

Total Reports

168

Critical

211

High

378

Medium

63

Low

RXSS - ████

Reported by: 0xelkomy | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Reflected

Blind Stored XSS on the internal host - █████████████

Reported by: sp1d3rs | Disclosed:

High

Weakness: Cross-site Scripting (XSS) - Stored

[https://███] Local File Inclusion via graph.php

Reported by: cablej_dds | Disclosed:

Medium

Weakness: Path Traversal

SQL injection my method -1 OR 321=6 AND 000159=000159

Reported by: lu3ky-13 | Disclosed:

Medium

Weakness: Code Injection

Cross site scripting

Reported by: lu3ky-13 | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Reflected

User automatically logged in as Sys Admin user on https://███/Administration/Administration.aspx

Reported by: mrr0b0t2324 | Disclosed:

Critical

Weakness: Improper Access Control - Generic

Information disclosure vulnerability on a DoD website

Reported by: twicedi | Disclosed:

Medium

Weakness: Information Disclosure

Null byte Injection in https://████/

Reported by: mohammedadam24 | Disclosed:

High

Weakness: Improper Null Termination

Reflected XSS at https://█████████ via "███" parameter

Reported by: pelegn | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Reflected

Reflected XSS at https://█████ via "██████████" parameter

Reported by: pelegn | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Reflected

Reflected XSS at https://██████/██████████ via "████████" parameter

Reported by: pelegn | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Reflected

Reflected XSS at https://██████/██████ via "██████" parameter

Reported by: pelegn | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Reflected

Git repo on https://██████.mil/ discloses API password

Reported by: al-madjus | Disclosed:

High

Weakness: Password in Configuration File

Subdomain takeover of █████████

Reported by: martinvw | Disclosed:

Critical

Weakness: Security Through Obscurity

Reflected XSS at https://██████████/████████ via "███████" parameter

Reported by: pelegn | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Reflected

Critical information disclosure at https://█████████

Reported by: juliocesar | Disclosed:

Medium

Weakness: Information Disclosure

SQL injection vulnerability on a DoD website

Reported by: vag_mour | Disclosed:

High

Weakness: SQL Injection

Remote Code Execution (RCE) in a DoD website

Reported by: joaomatosf | Disclosed:

Critical

Weakness: Deserialization of Untrusted Data

CVEs: CVE-2017-10366

Remote Code Execution (RCE) in a DoD website

Reported by: joaomatosf | Disclosed:

Critical

Weakness: Deserialization of Untrusted Data

CVEs: CVE-2017-10366

Remote Code Execution (RCE) in a DoD website

Reported by: joaomatosf | Disclosed:

Critical

Weakness: Deserialization of Untrusted Data

Page 1 of 42 Next