Bugpoint @bugpoint Channel on Telegram


Latest updates about disclosure bug bounty reports: tech details, impacts, bounties 📣

Rate👇
https://cutt.ly/bugpoint_rate
Feedback👇
https://cutt.ly/bugpoint_feedback

#️⃣ bug bounty disclosed reports
#️⃣ bug bounty write-ups
#️⃣ bug bounty teleg

Bugpoint (English)

Are you someone who is passionate about cybersecurity and staying updated on the latest bug bounty reports? Look no further than the Bugpoint Telegram channel! Bugpoint provides its subscribers with the most recent disclosures of bug bounty reports, including detailed technical information, impacts, and bounties awarded. Stay informed and ahead of the game by joining Bugpoint today!
In this channel, you will find a wealth of information related to bug bounties, including write-ups and detailed reports on disclosed bugs. Whether you are a cybersecurity enthusiast, a bug bounty hunter, or simply interested in the world of ethical hacking, Bugpoint is the perfect place for you to expand your knowledge and stay informed about the latest developments in the field.

Join Bugpoint now to access exclusive content and be part of a community that shares a common interest in cybersecurity and bug bounties. Don't miss out on the opportunity to enhance your understanding of cybersecurity and learn from real-world bug bounty reports. Click on the links provided for rating and feedback, and be sure to engage with the valuable resources available in the channel. Stay informed, stay secure - join Bugpoint today!

Bugpoint

05 Dec, 16:37


IDOR in Stats API Endpoint Allows Viewing Equity or Net Profit of Any MT Account

👉 https://hackerone.com/reports/1644436

🔹 Severity: No Rating | 💰 1,000 USD
🔹 Reported To: EXNESS
🔹 Reported By: #ashwarya
🔹 State: 🟢 Resolved
🔹 Disclosed: December 5, 2022, 3:50pm (UTC)

Bugpoint

03 Dec, 01:10


CVE-2022-35260: .netrc parser out-of-bounds access

👉 https://hackerone.com/reports/1753224

🔹 Severity: Low | 💰 480 USD
🔹 Reported To: Internet Bug Bounty
🔹 Reported By: #kurohiro
🔹 State: 🟢 Resolved
🔹 Disclosed: December 3, 2022, 12:20am (UTC)

Bugpoint

02 Dec, 23:01


Exposed Cortex API at https://cortex-ingest.shopifycloud.com/

👉 https://hackerone.com/reports/1258871

🔹 Severity: Medium | 💰 6,300 USD
🔹 Reported To: Shopify
🔹 Reported By: #ian
🔹 State: 🟢 Resolved
🔹 Disclosed: December 2, 2022, 10:25pm (UTC)

Bugpoint

02 Dec, 22:25


POST following PUT confusion

👉 https://hackerone.com/reports/1752146

🔹 Severity: Medium | 💰 2,400 USD
🔹 Reported To: Internet Bug Bounty
🔹 Reported By: #robbotic
🔹 State: 🟢 Resolved
🔹 Disclosed: December 2, 2022, 9:03pm (UTC)

Bugpoint

02 Dec, 22:25


XSS in Acronis Cloud Manager Admin Portal

👉 https://hackerone.com/reports/1388788

🔹 Severity: Medium | 💰 100 USD
🔹 Reported To: Acronis
🔹 Reported By: #mooimacow
🔹 State: 🟢 Resolved
🔹 Disclosed: December 2, 2022, 7:48pm (UTC)

Bugpoint

02 Dec, 15:19


Authentication bypass in https://nin.mtn.ng

👉 https://hackerone.com/reports/1747146

🔹 Severity: Critical
🔹 Reported To: MTN Group
🔹 Reported By: #roland_hack
🔹 State: 🟢 Resolved
🔹 Disclosed: December 2, 2022, 1:00pm (UTC)

Bugpoint

02 Dec, 05:07


Stored XSS in /admin/product and /admin/collections

👉 https://hackerone.com/reports/1147433

🔹 Severity: Medium | 💰 5,300 USD
🔹 Reported To: Shopify
🔹 Reported By: #ashketchum
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 10:44pm (UTC)

Bugpoint

02 Dec, 05:07


Disconnecting an external login provider does not revoke session

👉 https://hackerone.com/reports/1547684

🔹 Severity: Medium | 💰 1,600 USD
🔹 Reported To: Shopify
🔹 Reported By: #attackerbhai
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 7:50pm (UTC)

Bugpoint

02 Dec, 02:34


Read/Write arbitrary (non-HttpOnly) cookies on checkout pages via GoogleAnalyticsAdditionalScripts postMessage handler

👉 https://hackerone.com/reports/1081167

🔹 Severity: Medium | 💰 1,600 USD
🔹 Reported To: Shopify
🔹 Reported By: #bored-engineer
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 7:34pm (UTC)

Bugpoint

02 Dec, 02:34


Subdomain Takeover at course.oberlo.com

👉 https://hackerone.com/reports/1690951

🔹 Severity: No Rating
🔹 Reported To: Shopify
🔹 Reported By: #m7mdharoun
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 7:22pm (UTC)

Bugpoint

01 Dec, 18:52


Remove Every User, Admin, And Owner Out Of Their Teams on developers.mtn.com via IDOR + Information Disclosure

👉 https://hackerone.com/reports/1448550

🔹 Severity: Critical
🔹 Reported To: MTN Group
🔹 Reported By: #wallotry
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 5:34pm (UTC)

Bugpoint

01 Dec, 18:52


Unprotected Direct Object Reference

👉 https://hackerone.com/reports/1536936

🔹 Severity: Critical
🔹 Reported To: MTN Group
🔹 Reported By: #coyemerald
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 5:24pm (UTC)

Bugpoint

01 Dec, 12:13


Firebase Database Takeover in https://pulseradio.mtn.co.ug/

👉 https://hackerone.com/reports/1447751

🔹 Severity: Critical
🔹 Reported To: MTN Group
🔹 Reported By: #shuvam321
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 10:52am (UTC)

Bugpoint

01 Dec, 12:13


Calendar name length not validated before writing to database

👉 https://hackerone.com/reports/1596148

🔹 Severity: Low
🔹 Reported To: Nextcloud
🔹 Reported By: #errorx404
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 9:49am (UTC)

Bugpoint

01 Dec, 12:13


CVE-2022-45402: Apache Airflow: Open redirect during login

👉 https://hackerone.com/reports/1782514

🔹 Severity: Medium | 💰 2,400 USD
🔹 Reported To: Internet Bug Bounty
🔹 Reported By: #bugra
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 9:41am (UTC)

Bugpoint

01 Dec, 04:31


Double evaluation in .bash_prompt of dotfiles allows a malicious repository to execute arbitrary commands

👉 https://hackerone.com/reports/1785378

🔹 Severity: High | 💰 300 USD
🔹 Reported To: Ian Dunn
🔹 Reported By: #ryotak
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 4:00am (UTC)

Bugpoint

30 Nov, 19:40


Campaign Account Balance and History Disclosed in API Response

👉 https://hackerone.com/reports/1587374

🔹 Severity: Medium | 💰 500 USD
🔹 Reported To: LinkedIn
🔹 Reported By: #sachin_kumar_
🔹 State: 🟢 Resolved
🔹 Disclosed: November 30, 2022, 7:31pm (UTC)

Bugpoint

30 Nov, 18:43


If the website does not impose additional defense against CSRF attacks, failing to use the 'Lax' or 'Strict' values could increase the risk of exposur

👉 https://hackerone.com/reports/1707680

🔹 Severity: Low
🔹 Reported To: Yelp
🔹 Reported By: #shubhangirathore836
🔹 State: 🔴 N/A
🔹 Disclosed: November 30, 2022, 3:15pm (UTC)

Bugpoint

30 Nov, 02:52


Stored XSS Payload when sending videos

👉 https://hackerone.com/reports/1536046

🔹 Severity: Low | 💰 500 USD
🔹 Reported To: TikTok
🔹 Reported By: #aidilarf_2000
🔹 State: 🟢 Resolved
🔹 Disclosed: November 29, 2022, 9:30pm (UTC)

Bugpoint

29 Nov, 19:22


Any organization's assets pending review can be downloaded

👉 https://hackerone.com/reports/1787644

🔹 Severity: High
🔹 Reported To: HackerOne
🔹 Reported By: #jobert
🔹 State: 🟢 Resolved
🔹 Disclosed: November 29, 2022, 6:36pm (UTC)