Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

Endless Group - HackerOne Reports

View on HackerOne

7

Total Reports

0

Critical

1

High

4

Medium

1

Low

Enumeration of username on password reset page

Reported by: codermak | Disclosed:

Low

Weakness: Information Exposure Through an Error Message

Modify Host Header which is sent to email

Reported by: codermak | Disclosed:

High

Weakness: Code Injection

CVE-2017-8779 exploit on open rpcbind port could lead to remote DoS

Reported by: b039f6018eb9056011859b0 | Disclosed:

Medium

Weakness: Uncontrolled Resource Consumption

Weak Password Policy via DirectAdmin Password Change Functionality

Reported by: seqode | Disclosed:

Weakness: Violation of Secure Design Principles

Lets Encrypt Certificates affected by CAA Rechecking Incident

Reported by: pr3r00t | Disclosed:

Medium

Weakness: Improper Certificate Validation

CVE-2020-14179 on https://jira.theendlessweb.com/secure/QueryComponent!Default.jspa leads to information disclosure

Reported by: nagli | Disclosed:

Medium

Weakness: Information Disclosure

CVEs: CVE-2020-14179

XSS on https://fax.pbx.itsendless.org/ (CVE-2017-18024)

Reported by: pirneci | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Generic

CVEs: CVE-2017-18024