Sifchain - HackerOne Reports
Total Reports: 71
Critical: 0
High: 3
Medium: 4
Low: 15

information disclosure
Reported by: hacker13377331 | Disclosed:

Cross-site Scripting (XSS) possible at https://sifchain.finance// via CVE-2019-8331 exploitation
Reported by: foysalahmed | Disclosed:
Severity: Medium
CVEs: CVE-2019-8331

Email Spoofing bug
Reported by: ridoykhan0x1 | Disclosed:

Clickjacking at sifchain.finance
Reported by: manjithgowthaman | Disclosed:
Severity: Medium
Weakness: UI Redressing (Clickjacking)

Information disclosure on Sifchain
Reported by: rohitburke | Disclosed:
Weakness: Information Disclosure

Private KEY of crypto wallet
Reported by: krynos | Disclosed:
Weakness: Use of Hard-coded Password

CORS (Cross-Origin Resource Sharing) origin validation failure -Any website can issue requests made with user credentials and read the responses to th
Reported by: bader2 | Disclosed:
Weakness: Cross-site Scripting (XSS) - Stored

Wrong Url in Main Page
Reported by: dantt | Disclosed:
Severity: Low
Weakness: Misconfiguration
Bounty: $200.00

Linux Desktop application "sifnoded" executable does not use Pie / no ASLR
Reported by: dantt | Disclosed:
Weakness: Violation of Secure Design Principles

No Valid SPF Records at sifchain.finance
Reported by: dantt | Disclosed:
Weakness: Violation of Secure Design Principles

A password in plain text in conf file
Reported by: nouradeen | Disclosed:
Weakness: Password in Configuration File

Found key_adress and key_password in GitHub history
Reported by: mhohlfeld | Disclosed:
Weakness: Password in Configuration File

Username disclosure at Main Domain
Reported by: dantt | Disclosed:
Severity: Low
Weakness: Information Disclosure

Sifchain token leak
Reported by: ab321 | Disclosed:
Weakness: Insecure Storage of Sensitive Information

Vulnerable for clickjacking attack
Reported by: akay0783 | Disclosed:
Weakness: UI Redressing (Clickjacking)

Vulnerable javascript dependency at Main domain
Reported by: dantt | Disclosed:
Severity: Low
Weakness: Using Components with Known Vulnerabilities

Subdomain Takeover on proxies.sifchain.finance pointing to vercel
Reported by: hrdfrdh | Disclosed:
Severity: High
Weakness: Misconfiguration

Clickjacking /framing on sensitive Subdomain
Reported by: ilxax1 | Disclosed:
Weakness: UI Redressing (Clickjacking)

Wordpress Users Disclosure (/wp-json/wp/v2/users/) on sifchain.finance
Reported by: ibrahimatix0x01 | Disclosed:
Severity: Low

Information Disclosure at one of your subdomain
Reported by: omemishra | Disclosed:
Weakness: Information Disclosure