| 4164 | Why You Shouldn%27t Use a Password Manager For Your Linode Account |
Account takeover
Information disclosure |
Linode |
Utku Şen (@utkusen) |
Bug Bounty | 2019-05-02 | 2023-06-13 |
| 4117 | Don’t underestimates the Errors They can provide good $$$ Bounty! |
Information disclosure
Internal path disclosure |
Mamba |
Aditya Sharma (@Assass1nmarcos) |
Bug Bounty | 2019-06-07 | 2023-06-13 |
| 4107 | Admin Account total Information Disclosure |
Source code disclosure
Information disclosure |
NA |
Nishant Saurav (@inishantsinha) |
Bug Bounty | 2019-06-15 | 2023-06-13 |
| 4103 | Bug Bounty - Information Disclosure through error message + WAF Bypass led to Local File Inclusion |
WAF bypass
LFI
Information disclosure |
NA |
Λявєη (@spenkkkkk) |
Bug Bounty | 2019-06-15 | 2023-06-13 |
| 4076 | Sensitive Information Disclosure: Web Cache Deception Attack |
Information disclosure |
Intuit |
Wasim Shaikh (@Wa_sim_sim) |
Bug Bounty | 2019-06-26 | 2023-06-13 |
| 4061 | Finding hidden gems vol. 4: Rakefile a.k.a. how to get AWS keys again |
Information disclosure |
NA |
Mateusz Olejarka (@molejarka) |
Bug Bounty | 2019-07-03 | 2023-06-13 |
| 4054 | Information Disclosure via Misconfigured AWS to AWS Bucket Takeover |
AWS misconfiguration |
NA |
Pratyush Anjan Sarangi |
Bug Bounty | 2019-07-08 | 2023-06-13 |
| 4047 | Facebook Bug bounty page admin disclose bug {Facebook Android app} |
Information disclosure |
Meta / Facebook |
Yusuf Furkan (@h1_yusuf) |
Bug Bounty | 2019-07-12 | 2023-06-13 |
| 4039 | The Bugs Are Out There, Hiding in Plain Sight |
IDOR
SSRF
Information disclosure
CORS misconfiguration |
NA |
A Bug’z Life (@abugzlife1) |
Bug Bounty | 2019-07-15 | 2023-06-13 |
| 4038 | How I Could Get The Instagram Username of Anyone on Tinder |
Information disclosure |
Tinder |
Shahar Albeck |
Bug Bounty | 2019-07-16 | 2023-06-13 |
| 4017 | Disclose any main and 3rd party contributors email address and movie local path thru XML file in Plex TV - plex.tv (Write Up) |
Information disclosure
Internal path disclosure |
Plex |
Evan Ricafort (@evanricafort) |
Bug Bounty | 2019-07-24 | 2023-06-13 |
| 4013 | Facebook BugBounty: Tale of an Instagram bug disclosing user’s phone number via checkpoint |
Information disclosure |
Meta / Facebook |
Bijan Murmu (@0xBijan) |
Bug Bounty | 2019-07-26 | 2023-06-13 |
| 3996 | One Misconfig (JIRA) to Leak Them All- Including NASA and Hundreds of Fortune 500 Companies! |
Information disclosure |
NA |
Avinash Jain (@logicbomb_1) |
Bug Bounty | 2019-08-02 | 2023-06-13 |
| 3967 | U.S. Department of Defense - Info Disclosure and SQLi Writeup |
Information disclosure
SQL injection |
U.S. Dept Of Defense |
Aaron Esau (@arinerron) |
Bug Bounty | 2019-08-19 | 2023-06-13 |
| 3960 | Rights Manager Graph API Disclosure of business employee to non business employee |
Information disclosure |
Meta / Facebook |
Jafar Abo Nada (@Jafar_Abo_Nada) |
Bug Bounty | 2019-08-22 | 2023-06-13 |
| 3959 | One Bug To Rule Them All: Modern Android Password Managers and FLAG_SECURE Misuse |
Information disclosure
Content leak |
1Password
Keeper
Dashlane |
Lorenzo Stella (@lorenzostella) |
Bug Bounty | 2019-08-22 | 2023-06-13 |
| 3957 | From Github Recon To Account Takeover |
Information disclosure
Account takeover |
NA |
Dipak kumar Das (@d1pakdas) |
Bug Bounty | 2019-08-24 | 2023-06-13 |
| 3951 | How to look for JS files Vulnerability for fun and profit? |
Information disclosure |
NA |
Yeasir Arafat |
Bug Bounty | 2019-08-27 | 2023-06-13 |
| 3947 | Graphql Bug to Steal Anyone’s Address |
Information disclosure
GraphQL |
NA |
Pratik Yadav (@PratikY9967) |
Bug Bounty | 2019-09-01 | 2023-06-13 |
| 3938 | Finding Gem in Someone’s Report: Instant $500USD at HackerOne Platform |
Information disclosure |
NA |
Hisoka Morou |
Bug Bounty | 2019-09-07 | 2023-06-13 |
| 3936 | Exploiting JSONP and Bypassing Referer Check |
Information disclosure
JSONP |
NA |
Osama Avvan (@osamaavvan) |
Bug Bounty | 2019-09-07 | 2023-06-13 |
| 3933 | Accessing 2 million Verizon Pay Monthly contracts |
Information disclosure
Authentication bypass
IDOR |
Yahoo! / Verizon Media |
Daley Bee (@daley) |
Bug Bounty | 2019-09-09 | 2023-06-13 |
| 3923 | Unauthorized access to all user information leaks |
Information disclosure |
NA |
C1h2e1 (@C1h2e11) |
Bug Bounty | 2019-09-13 | 2023-06-13 |
| 3921 | I Could Have Hacked All Uber Accounts- But I Chose to Report it Instead |
Information disclosure |
Uber |
Anand Prakash (@anandpraka_sh) |
Bug Bounty | 2019-09-13 | 2023-06-13 |
| 3917 | Google Referer Leak Bug |
Referer leakage
Information disclosure |
Google |
Jayateertha Guruprasad (@JayateerthaG) |
Bug Bounty | 2019-09-15 | 2023-06-13 |
