Imgur - HackerOne Reports
Total Reports: 25
Critical: 2
High: 2
Medium: 12
Low: 3

BUG XSS IN "ADD IMAGES"
Reported by: rioncool22 | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Stored

Stored XSS in Post title (PoC)
Reported by: zerox4 | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Stored

8ybhy85kld9zp9xf84x6.imgur.com Subdomain Takeover
Reported by: mr_baka | Disclosed:
Severity: High

RCE by command line argument injection to `gm convert` in `/edit/process?a=crop`
Reported by: neex | Disclosed:
Severity: Critical
Weakness: Command Injection - Generic
CVEs: CVE-2016-10033

Remote Code Execution on Git.imgur-dev.com
Reported by: orange | Disclosed:
Severity: Critical
Weakness: Code Injection

Ability to login to the Nexus Repo Manager from https://nexus.imgur.com/
Reported by: sbakhour | Disclosed:
Severity: Medium
Weakness: Path Traversal

CSRF leads to a stored self xss
Reported by: hogarth45 | Disclosed:
Severity: Low
Weakness: Cross-site Scripting (XSS) - Reflected

Bypass subscription
Reported by: 1a2er3d | Disclosed:
Severity: Medium
Weakness: Business Logic Errors

SSRF in imgur video GIF conversion
Reported by: mariuszpoplawski | Disclosed:
Severity: High
Weakness: Server-Side Request Forgery (SSRF)

HTML Injection with XSS possible
Reported by: malek | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Stored

Reflected XSS in m.imgur.com
Reported by: logue | Disclosed:
Weakness: Cross-site Scripting (XSS) - Generic

Sourcemaps and Unminified Source Code Exposed on Pages
Reported by: gennaro | Disclosed:
Severity: Medium
Weakness: Improper Access Control - Generic

xss reflected on imgur.com
Reported by: ferdihermawan1337 | Disclosed:
Weakness: Cross-site Scripting (XSS) - Reflected

Xss on community.imgur.com
Reported by: madrobot | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Reflected

Information disclosure (No rate limiting in forgot password & other login)
Reported by: protector47 | Disclosed:
Weakness: Information Disclosure

Unauthenticated Docker registry
Reported by: nathonsecurity | Disclosed:
Weakness: Improper Authentication - Generic

Go.imgur.com can be used to phish for account information
Reported by: kiyell | Disclosed:
Severity: Low
Weakness: Phishing

self-xss with ClickJacking can leads to account takeover in Firefox
Reported by: keer0k | Disclosed:
Severity: Low
Weakness: Cross-site Scripting (XSS) - DOM

Password Reset Link not expiring after changing the email Leads To Account Takeover
Reported by: alishah | Disclosed:
Severity: Medium
Weakness: Improper Authentication - Generic

No length on password
Reported by: blackflyhunter | Disclosed:
Severity: Medium
Weakness: Weak Password Recovery Mechanism for Forgotten Password

Page 1 of 2