Channel address:
Categories:
Technologies
Language: English
Subscribers:
1.23K
Description from channel
Latest updates about disclosure bug bounty reports: tech details, impacts, bounties 📣
Rate👇
https://cutt.ly/bugpoint_rate
Feedback👇
https://cutt.ly/bugpoint_feedback
#️⃣ bug bounty disclosed reports
#️⃣ bug bounty write-ups
#️⃣ bug bounty teleg
Ratings & Reviews
Reviews can be left only by registered users. All reviews are moderated by admins.
5 stars
1
4 stars
0
3 stars
0
2 stars
0
1 stars
1
The latest Messages 20
2022-04-26 10:04:02
RCE via exposed JMX server on jabber.37signals.com/jabber.basecamp.com https://hackerone.com/reports/1456063
Severity: Low |
100 USD Reported To: Basecamp
Reported By: #ian
State: Resolved
Disclosed: April 26, 2022, 7:01am (UTC)
192 views07:04
2022-04-26 01:30:03
Local file disclosure through SSRF at next.nutanix.com https://hackerone.com/reports/471520
Severity: High
Reported To: Nutanix
Reported By: #tosun
State: Resolved
Disclosed: April 25, 2022, 10:27pm (UTC)
202 views22:30
2022-04-25 15:30:02
Force User to Accept Attacker's invite [ Restrict user to create account] https://hackerone.com/reports/1420070
Severity: Low |
100 USD Reported To: Krisp
Reported By: #sammam
State: Resolved
Disclosed: April 25, 2022, 12:27pm (UTC)
100 views12:30
2022-04-25 15:22:03
Visibility Robots.txt file https://hackerone.com/reports/1450014
Severity: No Rating
Reported To: Krisp
Reported By: #razahack
State: Duplicate
Disclosed: April 25, 2022, 12:20pm (UTC)
108 views12:22
2022-04-25 14:02:02
Xss triggered in Your-store.myshopify.com/myshopify.com/admin/apps/shopify-email/editor/**** https://hackerone.com/reports/1472471
Severity: Medium |
2,900 USD Reported To: Shopify
Reported By: #danishalkatiri
State: Resolved
Disclosed: April 25, 2022, 11:01am (UTC)
121 views11:02
2022-04-25 14:00:02
CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256 comparison disaster https://hackerone.com/reports/1549435
Severity: Medium
Reported To: curl
Reported By: #nyymi
State: N/A
Disclosed: April 25, 2022, 10:58am (UTC)
122 views11:00
2022-04-25 12:08:02
CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 bypass if string not 32 chars https://hackerone.com/reports/1549461
Severity: Medium
Reported To: curl
Reported By: #nyymi
State: N/A
Disclosed: April 25, 2022, 9:05am (UTC)
141 views09:08
2022-04-25 01:10:03
--libcurl code injection via trigraphs https://hackerone.com/reports/1548535
Severity: Low
Reported To: curl
Reported By: #nyymi
State: Informative
Disclosed: April 24, 2022, 10:07pm (UTC)
172 views22:10
2022-04-23 20:26:03
Renderers can obtain access to random bluetooth device without permission https://hackerone.com/reports/1519099
Severity: Low |
480 USD Reported To: Internet Bug Bounty
Reported By: #palmeral
State: Resolved
Disclosed: April 23, 2022, 5:23pm (UTC)
74 views17:26
2022-04-23 10:10:02
Attacker can bypass authentication build on ingress external auth (`nginx.ingress.kubernetes.io/auth-url`) https://hackerone.com/reports/1357948
Severity: Medium |
500 USD Reported To: Kubernetes
Reported By: #thisbug
State: Informative
Disclosed: April 23, 2022, 7:07am (UTC)
93 views07:10