Bugpoint (@bugpoint)の最新投稿

Bugpoint のテレグラム投稿

Bugpoint
Latest updates about disclosure bug bounty reports: tech details, impacts, bounties 📣

Rate👇
https://cutt.ly/bugpoint_rate
Feedback👇
https://cutt.ly/bugpoint_feedback

#️⃣ bug bounty disclosed reports
#️⃣ bug bounty write-ups
#️⃣ bug bounty teleg
1,122 人の購読者
3,804 枚の写真
3,778 本の動画
最終更新日 25.02.2025 17:20

類似チャンネル

SaggeOfferte Tech
19,573 人の購読者
VPN | V2rayNG | نت ملی
13,675 人の購読者
Techno Range
10,609 人の購読者

Bugpoint によってTelegramで共有された最新のコンテンツ

Remove Every User, Admin, And Owner Out Of Their Teams on developers.mtn.com via IDOR + Information Disclosure

👉 https://hackerone.com/reports/1448550

🔹 Severity: Critical
🔹 Reported To: MTN Group
🔹 Reported By: #wallotry
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 5:34pm (UTC)
Unprotected Direct Object Reference

👉 https://hackerone.com/reports/1536936

🔹 Severity: Critical
🔹 Reported To: MTN Group
🔹 Reported By: #coyemerald
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 5:24pm (UTC)
Firebase Database Takeover in https://pulseradio.mtn.co.ug/

👉 https://hackerone.com/reports/1447751

🔹 Severity: Critical
🔹 Reported To: MTN Group
🔹 Reported By: #shuvam321
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 10:52am (UTC)
Calendar name length not validated before writing to database

👉 https://hackerone.com/reports/1596148

🔹 Severity: Low
🔹 Reported To: Nextcloud
🔹 Reported By: #errorx404
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 9:49am (UTC)
CVE-2022-45402: Apache Airflow: Open redirect during login

👉 https://hackerone.com/reports/1782514

🔹 Severity: Medium | 💰 2,400 USD
🔹 Reported To: Internet Bug Bounty
🔹 Reported By: #bugra
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 9:41am (UTC)
Double evaluation in .bash_prompt of dotfiles allows a malicious repository to execute arbitrary commands

👉 https://hackerone.com/reports/1785378

🔹 Severity: High | 💰 300 USD
🔹 Reported To: Ian Dunn
🔹 Reported By: #ryotak
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 4:00am (UTC)
Campaign Account Balance and History Disclosed in API Response

👉 https://hackerone.com/reports/1587374

🔹 Severity: Medium | 💰 500 USD
🔹 Reported To: LinkedIn
🔹 Reported By: #sachin_kumar_
🔹 State: 🟢 Resolved
🔹 Disclosed: November 30, 2022, 7:31pm (UTC)
If the website does not impose additional defense against CSRF attacks, failing to use the 'Lax' or 'Strict' values could increase the risk of exposur

👉 https://hackerone.com/reports/1707680

🔹 Severity: Low
🔹 Reported To: Yelp
🔹 Reported By: #shubhangirathore836
🔹 State: 🔴 N/A
🔹 Disclosed: November 30, 2022, 3:15pm (UTC)
Stored XSS Payload when sending videos

👉 https://hackerone.com/reports/1536046

🔹 Severity: Low | 💰 500 USD
🔹 Reported To: TikTok
🔹 Reported By: #aidilarf_2000
🔹 State: 🟢 Resolved
🔹 Disclosed: November 29, 2022, 9:30pm (UTC)
Any organization's assets pending review can be downloaded

👉 https://hackerone.com/reports/1787644

🔹 Severity: High
🔹 Reported To: HackerOne
🔹 Reported By: #jobert
🔹 State: 🟢 Resolved
🔹 Disclosed: November 29, 2022, 6:36pm (UTC)