Bug Bounty Channel @bug_bounty_channel Channel on Telegram

Bug Bounty Channel

@bug_bounty_channel

All bug bounties here.

Bug Bounty Channel (English)

Are you passionate about cybersecurity and hunting for bugs? Look no further than the Bug Bounty Channel! This Telegram channel, with the username @bug_bounty_channel, is your one-stop destination for all bug bounties. Whether you are a seasoned ethical hacker or just starting out in the world of cybersecurity, this channel has something for everyone. You will find the latest updates on bug bounty programs from various companies, tips and tricks on finding and reporting bugs, and even success stories from fellow bug bounty hunters. Stay ahead of the curve and sharpen your skills by joining the Bug Bounty Channel today. Don't miss out on the opportunity to earn rewards while making the digital world a safer place for everyone. Join now and be part of a community dedicated to making the internet a more secure place, one bug at a time.

Bug Bounty Channel

13 Feb, 19:13

๐Ÿฆ Hemi VDP Report
๐Ÿ“ Title: Linkedin Broken Link Hijacking on https://hemi.xyz/about
๐Ÿ” Reporter: angry (Althaf Shajahan)

๐Ÿ“‹ Details:
โ”” ๐Ÿ”— URL: https://hackerone.com/reports/2990368
โ”” ๐Ÿ“Š Status: resolved
โ”” โšก Severity: Low
โ”” ๐ŸŽฏ CWE: Externally Controlled Reference to a Resource in Another Sphere
โ”” ๐Ÿ”ข CVE: None
โ”” ๐Ÿ‘ Votes: 1

โฐ Timeline:
โ”” ๐Ÿ”“ Disclosed: 2025-02-13 19:13:05 UTC
โ”” ๐Ÿ“ Created: 2025-02-12 14:29:46 UTC

๐Ÿ“„ Summary:
Not provided
925
Bug Bounty Channel

13 Feb, 07:16

๐Ÿฆ Autodesk Report
๐Ÿ”ฅ Title: Wordpress users Disclosure
๐Ÿ” Reporter: karimtantawy (Karim Tantawy)

๐Ÿ“‹ Details:
โ”” ๐Ÿ”— URL: https://hackerone.com/reports/2981756
โ”” ๐Ÿ“Š Status: informative
โ”” โšก Severity: Critical
โ”” ๐ŸŽฏ CWE: Information Disclosure
โ”” ๐Ÿ”ข CVE: None
โ”” ๐Ÿ‘ Votes: 6

โฐ Timeline:
โ”” ๐Ÿ”“ Disclosed: 2025-02-12 17:00:44 UTC
โ”” ๐Ÿ“ Created: 2025-02-08 08:21:02 UTC

๐Ÿ“„ Summary:
Not provided
1,242
Bug Bounty Channel

13 Feb, 07:16

๐Ÿฆ U.S. Dept Of Defense Report
โšก Title: Publicly Editable U.S. Air Force Google Spreadsheet Exposing Student Leave Data
๐Ÿ” Reporter: kolcyberdef (KolCyberDef)

๐Ÿ“‹ Details:
โ”” ๐Ÿ”— URL: https://hackerone.com/reports/2682079
โ”” ๐Ÿ“Š Status: resolved
โ”” โšก Severity: Medium
โ”” ๐ŸŽฏ CWE: Improper Access Control - Generic
โ”” ๐Ÿ”ข CVE: None
โ”” ๐Ÿ‘ Votes: 1

โฐ Timeline:
โ”” ๐Ÿ”“ Disclosed: 2025-02-12 20:50:49 UTC
โ”” ๐Ÿ“ Created: 2024-08-24 14:45:35 UTC

๐Ÿ“„ Summary:
The U.S. Air Force Google Spreadsheet that exposed student leave data was publicly editable, allowing any unauthorized user to access and modify the restricted contents.
1,154
Bug Bounty Channel

13 Feb, 07:16

๐Ÿฆ U.S. Dept Of Defense Report
โšก Title: Improper Authentication Allows Making Appeals as Other Users
๐Ÿ” Reporter: turbul3nce (No name)

๐Ÿ“‹ Details:
โ”” ๐Ÿ”— URL: https://hackerone.com/reports/2666323
โ”” ๐Ÿ“Š Status: resolved
โ”” โšก Severity: Medium
โ”” ๐ŸŽฏ CWE: Improper Authentication - Generic
โ”” ๐Ÿ”ข CVE: None
โ”” ๐Ÿ‘ Votes: 1

โฐ Timeline:
โ”” ๐Ÿ”“ Disclosed: 2025-02-12 20:51:35 UTC
โ”” ๐Ÿ“ Created: 2024-08-16 09:29:30 UTC

๐Ÿ“„ Summary:
The vulnerability allowed unauthenticated users to submit appeals by manipulating HTTP responses. This undermined the security and integrity of the application, as users could perform actions reserved for logged-in users.
976
Bug Bounty Channel

13 Feb, 07:16

๐Ÿฆ U.S. Dept Of Defense Report
๐Ÿ”ฅ Title: Applicant security exam Attachments/Documents accessible through an IDOR/BAC on the custom Apex controller on https://โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆ.mil
๐Ÿ” Reporter: oxylis (Oxylis)

๐Ÿ“‹ Details:
โ”” ๐Ÿ”— URL: https://hackerone.com/reports/2950536
โ”” ๐Ÿ“Š Status: resolved
โ”” โšก Severity: Critical
โ”” ๐ŸŽฏ CWE: Improper Access Control - Generic
โ”” ๐Ÿ”ข CVE: None
โ”” ๐Ÿ‘ Votes: 4

โฐ Timeline:
โ”” ๐Ÿ”“ Disclosed: 2025-02-12 20:55:26 UTC
โ”” ๐Ÿ“ Created: 2025-01-20 16:46:59 UTC

๐Ÿ“„ Summary:
The applicant security exam contained an Insecure Direct Object Reference (IDOR) vulnerability on the custom Apex controller on the https://โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆ.mil portal. The vulnerability allowed an attacker to switch the ownership of any Attachment record and access the files, which contained sensitive information such as personal medical records submitted as part of the vetting procedures.
1,151
Bug Bounty Channel

03 Sep, 18:36

Hacktivity from cybxis 
 
Login email verification bypass via \`/oauth/token\`\.

https://hackerone.com/reports/2676025
Disclosed at: 2024-09-03 17:51:10 UTC+0
Created at: 2024-08-22 14:00:30 UTC+0
10,968
Bug Bounty Channel

30 Aug, 23:31

Hacktivity from 0xmekky 
 
PHP info page disclosure in https://41\.242\.90\.8/

https://hackerone.com/reports/1848780
Disclosed at: 2024-08-30 23:12:32 UTC+0
Created at: 2023-01-27 14:42:49 UTC+0
11,326
Bug Bounty Channel

30 Aug, 23:31

Hacktivity from 0xmekky 
 
Reflected cross site scripting \(XSS\) attacks Reflected XSS attacks,

https://hackerone.com/reports/1799197
Disclosed at: 2024-08-30 23:13:54 UTC+0
Created at: 2022-12-10 15:23:07 UTC+0
8,395
Bug Bounty Channel

30 Aug, 16:36

Hacktivity from deb0con 
 
CVE\-2010\-1429 JBoss Insecure Storage of Sensitive Information on ips\.mtn\.co\.ug

https://hackerone.com/reports/2375659
Disclosed at: 2024-08-30 16:28:31 UTC+0
Created at: 2024-02-15 20:52:36 UTC+0
7,084
Bug Bounty Channel

30 Aug, 16:36

Hacktivity from deb0con 
 
CVE\-2018\-0296 Cisco ASA Denial of Service & Path Traversal vulnerable on \[mtn\.co\.ug\]

https://hackerone.com/reports/2375666
Disclosed at: 2024-08-30 16:28:37 UTC+0
Created at: 2024-02-15 21:01:53 UTC+0
5,198
Bug Bounty Channel

30 Aug, 04:35

Hacktivity from saurabhb 
 
Private data related to program exposed via /reports/<id>\.json endpoint to external user participant

https://hackerone.com/reports/2580982
Disclosed at: 2024-08-30 03:53:25 UTC+0
Created at: 2024-06-28 12:22:19 UTC+0
4,236
Bug Bounty Channel

29 Aug, 18:35

Hacktivity from 0xelkot 
 
XSS on โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆ

https://hackerone.com/reports/2615670
Disclosed at: 2024-08-29 17:45:46 UTC+0
Created at: 2024-07-22 07:44:56 UTC+0
3,878
Bug Bounty Channel

29 Aug, 18:35

Hacktivity from thpless 
 
XSS found for https://โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆ

https://hackerone.com/reports/2670521
Disclosed at: 2024-08-29 17:46:25 UTC+0
Created at: 2024-08-20 06:26:14 UTC+0
3,639
Bug Bounty Channel

29 Aug, 18:35

Hacktivity from iamunixtz 
 
Blind Sql Injection in https://โ–ˆโ–ˆโ–ˆโ–ˆ

https://hackerone.com/reports/2597543
Disclosed at: 2024-08-29 17:47:35 UTC+0
Created at: 2024-07-11 16:44:20 UTC+0
3,158
Bug Bounty Channel

28 Aug, 09:31

Hacktivity from mmg 
 
SQL injection in https://demor\.adr\.acronis\.com/ via the username parameter

https://hackerone.com/reports/1436751
Disclosed at: 2024-08-28 09:01:45 UTC+0
Created at: 2021-12-27 16:10:36 UTC+0
3,165
Bug Bounty Channel

28 Aug, 09:30

Hacktivity from mikkocarreon 
 
\[CVE\-2021\-44228\] Arbitrary Code Execution on ng01\-cloud\.acronis\.com

https://hackerone.com/reports/1459714
Disclosed at: 2024-08-28 09:03:58 UTC+0
Created at: 2022-01-25 07:33:15 UTC+0
2,898
Bug Bounty Channel

28 Aug, 09:30

Hacktivity from godiego 
 
\[forum\.acronis\.com\] JNDI Code Injection due an outdated log4j component

https://hackerone.com/reports/1430622
Disclosed at: 2024-08-28 09:04:18 UTC+0
Created at: 2021-12-19 06:07:01 UTC+0
2,639
Bug Bounty Channel

27 Aug, 15:32

Hacktivity from renniepak 
 
MetaMask Browser \(on Android\) does not enforce Content\-Security\-Policy header

https://hackerone.com/reports/1941767
Disclosed at: 2024-08-27 15:02:23 UTC+0
Created at: 2023-04-11 09:52:42 UTC+0
2,503
Bug Bounty Channel

27 Aug, 15:31

Hacktivity from noentry 
 
CVE\-2024\-7347: Buffer overread in the ngx\_http\_mp4\_module

https://hackerone.com/reports/2658447
Disclosed at: 2024-08-27 15:11:43 UTC+0
Created at: 2024-08-14 18:06:38 UTC+0
2,249
Bug Bounty Channel

27 Aug, 14:36

Hacktivity from mmg 
 
Local Privilege Escalation via EXE hijacking with Acronis True Image 2021 installer

https://hackerone.com/reports/970739
Disclosed at: 2024-08-27 13:39:03 UTC+0
Created at: 2020-08-30 14:33:07 UTC+0
3,375
Bug Bounty Channel

27 Aug, 14:36

Hacktivity from mmg 
 
Local Privilege Escalation via EXE hijacking with Acronis True Image 2021 \- Acronis Scheduler2 Service

https://hackerone.com/reports/971610
Disclosed at: 2024-08-27 13:46:27 UTC+0
Created at: 2020-08-31 21:20:38 UTC+0
2,310
Bug Bounty Channel

27 Aug, 14:36

Hacktivity from z3ron3 
 
DLL Hijacking when sending feedback and crash report leading to Privilege Escalation

https://hackerone.com/reports/1008427
Disclosed at: 2024-08-27 13:46:49 UTC+0
Created at: 2020-10-14 13:17:52 UTC+0
1,670
Bug Bounty Channel

27 Aug, 14:36

Hacktivity from z3ron3 
 
DLL Hijacking when creating Rescue Media Builder leading to Privilege Escalation

https://hackerone.com/reports/1010552
Disclosed at: 2024-08-27 13:48:12 UTC+0
Created at: 2020-10-17 09:59:28 UTC+0
1,491
Bug Bounty Channel

27 Aug, 14:36

Hacktivity from sanderz31 
 
Acronis True Image 2020 Build 22510 Nonstop Backup Service Unquoted service path \(privilege escalation\)

https://hackerone.com/reports/1083532
Disclosed at: 2024-08-27 13:49:17 UTC+0
Created at: 2021-01-21 20:01:36 UTC+0
1,322
Bug Bounty Channel

27 Aug, 14:36

Hacktivity from vanitas 
 
TrueImage for Acronis True Image 2020 \- Untrusted DLL Search\-Ordering lead to Privilege Escalation as Administrative account

https://hackerone.com/reports/959017
Disclosed at: 2024-08-27 13:49:50 UTC+0
Created at: 2020-08-14 18:18:16 UTC+0
1,691

2025 All Right Reserved

Disclaimer: The content displayed on this website is solely provided by the respective Telegram channels. We hold no ownership or responsibility for the content shared by these channels.