CORS Misconfiguration on trust.yelp.com

👉 https://hackerone.com/reports/1716286

🔹 Severity: Medium
🔹 Reported To: Yelp
🔹 Reported By: #ajayjachak
🔹 State: 🔴 N/A
🔹 Disclosed: October 10, 2022, 4:59am (UTC)

Deny of service via malicious Content-Type

👉 https://hackerone.com/reports/1715536

🔹 Severity: High
🔹 Reported To: Fastify
🔹 Reported By: #bitk
🔹 State: 🟢 Resolved
🔹 Disclosed: October 10, 2022, 8:43am (UTC)

Stored XSS in the ticketing system

👉 https://hackerone.com/reports/1694037

🔹 Severity: Medium | 💰 1,000 USD
🔹 Reported To: TikTok
🔹 Reported By: #codeslayer137
🔹 State: 🟢 Resolved
🔹 Disclosed: October 10, 2022, 10:35pm (UTC)

Autofill/Autosave password on login

👉 https://hackerone.com/reports/1720621

🔹 Severity: Medium
🔹 Reported To: Yelp
🔹 Reported By: #zero_990
🔹 State: 🔴 N/A
🔹 Disclosed: October 11, 2022, 5:15pm (UTC)

IDOR [mtnmobad.mtnbusiness.com.ng]

👉 https://hackerone.com/reports/1698006

🔹 Severity: Critical
🔹 Reported To: MTN Group
🔹 Reported By: #insomnia_hax
🔹 State: 🟢 Resolved
🔹 Disclosed: October 13, 2022, 7:18am (UTC)

DoS of https://research.adobe.com/ via CVE-2018-6389 exploitation

👉 https://hackerone.com/reports/1511628

🔹 Severity: Medium
🔹 Reported To: Adobe
🔹 Reported By: #shirshak
🔹 State: 🟢 Resolved
🔹 Disclosed: October 13, 2022, 9:52am (UTC)

Misconfigured build on websites "abuse.cloudflare.com"

👉 https://hackerone.com/reports/1624911

🔹 Severity: Low | 💰 100 USD
🔹 Reported To: Cloudflare Public Bug Bounty
🔹 Reported By: #paradessia_
🔹 State: 🟢 Resolved
🔹 Disclosed: October 13, 2022, 10:02am (UTC)

mail.acronis.com is vulnerable to zero day vulnerability CVE-2022-41040

👉 https://hackerone.com/reports/1719719

🔹 Severity: Critical | 💰 1,000 USD
🔹 Reported To: Acronis
🔹 Reported By: #aplis
🔹 State: 🟢 Resolved
🔹 Disclosed: October 13, 2022, 5:12pm (UTC)

Cross-site scripting on api.collabs.shopify.com

👉 https://hackerone.com/reports/1672459

🔹 Severity: Medium | 💰 1,600 USD
🔹 Reported To: Shopify
🔹 Reported By: #kun_19
🔹 State: 🟢 Resolved
🔹 Disclosed: October 13, 2022, 6:12pm (UTC)

XSS seems to work again after change to linkpop at https://linkpop.com/testnaglinagli

👉 https://hackerone.com/reports/1569940

🔹 Severity: Medium | 💰 1,600 USD
🔹 Reported To: Shopify
🔹 Reported By: #nagli
🔹 State: 🟢 Resolved
🔹 Disclosed: October 13, 2022, 6:22pm (UTC)

Staff can create workflows in Shopify Admin without apps permission

👉 https://hackerone.com/reports/1521336

🔹 Severity: Medium | 💰 1,600 USD
🔹 Reported To: Shopify
🔹 Reported By: #jmp_35p
🔹 State: 🟢 Resolved
🔹 Disclosed: October 13, 2022, 6:53pm (UTC)

Self XSS in https://linkpop.com/dashboard/admin

👉 https://hackerone.com/reports/1591403

🔹 Severity: Low | 💰 500 USD
🔹 Reported To: Shopify
🔹 Reported By: #hazemhussien99
🔹 State: 🟢 Resolved
🔹 Disclosed: October 13, 2022, 9:20pm (UTC)

Account takeover on ███████ [HtUS]

👉 https://hackerone.com/reports/1627961

🔹 Severity: High | 💰 500 USD
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #nightm4re
🔹 State: 🟢 Resolved
🔹 Disclosed: October 14, 2022, 1:05pm (UTC)

IDOR leaking PII data via VendorId parameter

👉 https://hackerone.com/reports/1690044

🔹 Severity: Medium
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #0x1int
🔹 State: 🟢 Resolved
🔹 Disclosed: October 14, 2022, 1:24pm (UTC)

Account Takeover and Information update due to cross site request forgery via POST █████████/registration/my-account.cfm

👉 https://hackerone.com/reports/1626356

🔹 Severity: Medium
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #snifyak
🔹 State: 🟢 Resolved
🔹 Disclosed: October 14, 2022, 1:28pm (UTC)

Blind SSRF via image upload URL downloader on https://██████/

👉 https://hackerone.com/reports/1691501

🔹 Severity: High
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #0x1int
🔹 State: 🟢 Resolved
🔹 Disclosed: October 14, 2022, 1:36pm (UTC)

[HTA2] Receiving████ access request on @wearehackerone.com email address

👉 https://hackerone.com/reports/715740

🔹 Severity: Medium | 💰 750 USD
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #jr0ch17
🔹 State: 🟢 Resolved
🔹 Disclosed: October 14, 2022, 1:41pm (UTC)

[hta3] Chain of ESI Injection & Reflected XSS leading to Account Takeover on [███]

👉 https://hackerone.com/reports/1073780

🔹 Severity: High | 💰 750 USD
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #jr0ch17
🔹 State: 🟢 Resolved
🔹 Disclosed: October 14, 2022, 1:44pm (UTC)

Local file read at https://████/ [HtUS]

👉 https://hackerone.com/reports/1626210

🔹 Severity: Critical | 💰 1,000 USD
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #sudi
🔹 State: 🟢 Resolved
🔹 Disclosed: October 14, 2022, 1:51pm (UTC)

Broken access discloses users and PII at https://███████ [HtUS]

👉 https://hackerone.com/reports/1624374

🔹 Severity: High
🔹 Reported To: U.S. Dept Of Defense
🔹 Reported By: #g4mb4
🔹 State: 🟢 Resolved
🔹 Disclosed: October 14, 2022, 1:53pm (UTC)