| 3986 | break and bypass verification email |
Open redirect
Email verification bypass
Weak crypto |
Bukalapak |
Abdelhak Kharroubi |
Bug Bounty | 2019-08-07 | 2023-06-13 |
| 3483 | Weak Cryptography in Password Reset to Full Account Takeover |
Account takeover
Password reset
Cryptographic issues |
NA |
Harsh Bothra (@harshbothra_) |
Bug Bounty | 2020-05-15 | 2023-06-13 |
| 3473 | How Netgear meshed(*) up WiFi for Business |
Weak crypto
Authentication flaw |
Netgear |
Thorsten Schröder |
Bug Bounty | 2020-05-18 | 2023-06-13 |
| 3441 | Weak Cryptography Leads To Open Redirect |
Open redirect |
NA |
DarkLotus (@darklotuskdb) |
Bug Bounty | 2020-05-30 | 2023-06-13 |
| 3028 | Weak Cryptography to Account Takeover’s |
Cryptographic issues
Account takeover
IDOR |
NA |
letmeslidein (@VasuYadaav) |
Bug Bounty | 2020-11-15 | 2023-06-13 |
| 3024 | Pentest-Story: Empirum password decryption |
Weak crypto
Reverse engineering |
Matrix42 |
evait security GmbH (@evait_security) |
Bug Bounty | 2020-11-16 | 2023-06-13 |
| 2458 | Cracking Encrypted Credit Card Numbers Exposed By API |
Information disclosure
Weak crypto |
NA |
Craig Hays (@craighays) |
Bug Bounty | 2021-06-22 | 2023-06-13 |
| 2429 | Kaspersky Password Manager: All your passwords are belong to us |
Weak crypto |
Kaspersky |
Jean-Baptiste Bédrune |
Bug Bounty | 2021-07-06 | 2023-06-13 |
| 2392 | Pre-Account Takeover by Reversing a Weak Email Verification Token Algorithm |
Weak crypto |
NA |
Craig Hays (@craighays) |
Bug Bounty | 2021-07-22 | 2023-06-13 |
| 1322 | How I Gained Access To A Finance Company’s Accounts (Session Hijacking) |
Session fixation
Weak crypto |
NA |
Talha Karakumru |
Bug Bounty | 2022-07-25 | 2023-06-13 |
| 1219 | We discovered major vulnerabilities in Control Web Panel. Here’s how we found them. |
Path traversal
RCE
Weak crypto
Password reset
Account takeover |
Centos Web Panel (CWP) |
Immersive Labs (@immersivelabs) |
Bug Bounty | 2022-08-15 | 2023-06-13 |
| 1018 | A vulnerability on Patreon, and their elusive bounty program. |
Payment bypass
Weak crypto |
Patreon |
Datura Mater (@DaturaMater) |
Bug Bounty | 2022-09-29 | 2023-06-13 |
| 959 | Weak private key generation in SSH.NET <= 2020.0.1 |
Weak crypto
Security code review |
SSH.NET |
Guillaume André (@yaumn_) |
Bug Bounty | 2022-10-14 | 2023-06-13 |
| 957 | Microsoft Office 365 Message Encryption Insecure Mode of Operation |
Weak crypto |
Microsoft |
Harry Sintonen |
Bug Bounty | 2022-10-14 | 2023-06-13 |
