U.S. Dept Of Defense - HackerOne Reports
Total Reports: 829
Critical: 168
High: 211
Medium: 378
Low: 63

Information disclosure vulnerability on a DoD website
Reported by: twicedi | Disclosed:
Severity: Medium
Weakness: Information Disclosure

Reflected XSS at https://█████████ via "███" parameter
Reported by: pelegn | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Reflected

Git repo on https://██████.mil/ discloses API password
Reported by: al-madjus | Disclosed:
Severity: High
Weakness: Password in Configuration File

Reflected XSS at https://██████████/████████ via "███████" parameter
Reported by: pelegn | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Reflected

RCE on █████ via CVE-2017-10271
Reported by: erbbysam | Disclosed:
Severity: Critical
Weakness: Code Injection
CVEs: CVE-2017-10271

RXSS - ████
Reported by: 0xelkomy | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Reflected

Blind Stored XSS on the internal host - █████████████
Reported by: sp1d3rs | Disclosed:
Severity: High
Weakness: Cross-site Scripting (XSS) - Stored

Remote Code Execution (RCE) in a DoD website
Reported by: joaomatosf | Disclosed:
Severity: Critical
Weakness: Deserialization of Untrusted Data
CVEs: CVE-2017-10366

Remote Code Execution (RCE) in a DoD website
Reported by: joaomatosf | Disclosed:
Severity: Critical
Weakness: Deserialization of Untrusted Data

[https://███] Local File Inclusion via graph.php
Reported by: cablej_dds | Disclosed:
Severity: Medium
Weakness: Path Traversal

SQL Injection on www.██████████ on countID parameter
Reported by: 0_1vitthal | Disclosed:
Severity: High
Weakness: SQL Injection

CRLF Injection on ███████
Reported by: twicedi | Disclosed:
Severity: Medium
Weakness: CRLF Injection

SQL injection my method -1 OR 3*2*1=6 AND 000159=000159
Reported by: lu3ky-13 | Disclosed:
Severity: Medium
Weakness: Code Injection

Cross site scripting
Reported by: lu3ky-13 | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Reflected

User automatically logged in as Sys Admin user on https://███/Administration/Administration.aspx
Reported by: mrr0b0t2324 | Disclosed:
Severity: Critical
Weakness: Improper Access Control - Generic

LDAP Anonymous Login enabled in ████
Reported by: shuvam321 | Disclosed:
Severity: High
Weakness: Information Disclosure

Blind Sql Injection in https://█████/qsSearch.aspx
Reported by: hack0neone | Disclosed:
Severity: High
Weakness: SQL Injection

Reflected XSS vulnerability on a DoD website
Reported by: mantis | Disclosed:
Severity: Low
Weakness: Cross-site Scripting (XSS) - Generic

Null byte Injection in https://████/
Reported by: mohammedadam24 | Disclosed:
Severity: High
Weakness: Improper Null Termination

Sensitive information on ██████████
Reported by: 3mm3 | Disclosed:
Severity: Medium
Weakness: Cleartext Storage of Sensitive Information