Ian Dunn - HackerOne Reports
View on HackerOne33
Total Reports
0
Critical
2
High
5
Medium
3
Low
bypass to csv injection
Reported by:
superngorksky
|
Disclosed:
Weakness: Command Injection - Generic
unchecked unserialize usages in audit-trail-extension/audit-trail-extension.php
Reported by:
e3amn2l
|
Disclosed:
Medium
Bounty: $50.00
constant cache_page_secret in regolith
Reported by:
e3amn2l
|
Disclosed:
Bounty: $25.00
Potentially vulnerable version of Apache software in and default files on https://iandunn.name/
Reported by:
ethnicalhacker
|
Disclosed:
Weakness: Information Disclosure
Dos https://iandunn.name/ via CVE-2018-6389 exploitation
Reported by:
bruteforce
|
Disclosed:
CVEs:
CVE-2018-6389
XSSI: Quick Navigation Interface - leak of private page/post titles
Reported by:
foobar7
|
Disclosed:
Medium
Weakness: Information Disclosure
Bounty: $50.00
Multiple server ssh usernames leaked in your github repository
Reported by:
praalsanthpro
|
Disclosed:
Medium
Weakness: Information Disclosure
Formula injection via CSV exports in WordCamp Talks plugin
Reported by:
whitehatter
|
Disclosed:
Medium
Weakness: Command Injection - Generic
Bounty: $50.00
Timing Attack in Google Authenticator - Per User Prompt
Reported by:
whitehatter
|
Disclosed:
High
Weakness: Cryptographic Issues - Generic
Bounty: $25.00
No CAPTCHA ia exist in pages
Reported by:
ravenbugbounty
|
Disclosed:
Weakness: Violation of Secure Design Principles
SSRF Possible through /wordpress/xmlrpc.php
Reported by:
azzassin
|
Disclosed:
Weakness: Server-Side Request Forgery (SSRF)
unchecked unserialize usage in WordPress-Functionality-Plugin-Skeleton/functionality-plugin-skeleton.php
Reported by:
e3amn2l
|
Disclosed:
Bounty: $25.00
Potential Open-Redirection
Reported by:
damn007
|
Disclosed:
Weakness: Open Redirect
Previous
Page 2 of 2