目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

漏洞赏金情报

数据来源:HackerOne 公开披露报告 · 每 6 小时更新

浏览 HackerOne 平台公开披露的漏洞赏金报告,按严重程度、漏洞类型或目标项目筛选,关联 CVE 编号。

已披露报告
12,221
关联 CVE
1,854
参与项目数
342
近 7 天新增
6
严重度: All CriticalHighMediumLow
类型: 全部 Information Disclosure 1173 Cross-site Scripting (XSS) … 747 Violation of Secure Design … 719 Improper Access Control - Generic 656 Improper Authentication - Generic 652 Cross-site Scripting (XSS) … 513 Uncontrolled Resource Consumption 483 Cross-site Scripting (XSS) … 461 Cross-Site Request Forgery (CSRF) 421 Privilege Escalation 375
RXSS - ████
U.S. Dept Of Defense Cross-site Scripting (XSS) - Reflected (CWE-79)
Medium
2021-10-18
POST based RXSS on https://███████/ via ███ parameter
U.S. Dept Of Defense Cross-site Scripting (XSS) - Reflected (CWE-79)
Medium
2021-10-13
XW 6.2.0 firmware: 5 Reflected XSS issues in link.cgi
Ubiquiti Inc. Cross-site Scripting (XSS) - Reflected (CWE-79)CVE-2020-8168
Medium
2021-10-10
3x Reflected XSS vectors for services.cgi (XM.v6.1.6, build 32290)
Ubiquiti Inc. Cross-site Scripting (XSS) - Reflected (CWE-79)CVE-2020-8170
Medium
2021-10-10
███████ - XSS - CVE-2020-3580
U.S. Dept Of Defense Cross-site Scripting (XSS) - Reflected (CWE-79)CVE-2020-3580
Medium
2021-09-29
Reflected Cross-Site scripting in : mtn.bj
MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)
High
2021-09-26
XSS due to CVE-2020-3580 [███]
U.S. Dept Of Defense Cross-site Scripting (XSS) - Reflected (CWE-79)CVE-2020-3580
Medium
2021-09-09
XSS due to CVE-2020-3580 [██████]
U.S. Dept Of Defense Cross-site Scripting (XSS) - Reflected (CWE-79)CVE-2020-3580
Medium
2021-09-09
XSS on ███
U.S. Dept Of Defense Cross-site Scripting (XSS) - Reflected (CWE-79)
Medium
2021-08-19
XSS due to CVE-2020-3580 [███.mil]
U.S. Dept Of Defense Cross-site Scripting (XSS) - Reflected (CWE-79)CVE-2020-3580
Medium
2021-08-19
Reflected XSS on delivery.glovoapp.com
Glovo Cross-site Scripting (XSS) - Reflected (CWE-79)
Medium
2021-08-18
Reflected XSS on play.mtn.co.za
MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)
Medium
2021-08-14
Mattermost Server OAuth Flow Cross-Site Scripting
Mattermost Cross-site Scripting (XSS) - Reflected (CWE-79)CVE-2021-37859
High
2021-08-06
XSS DUE TO CVE-2020-3580
U.S. Dept Of Defense Cross-site Scripting (XSS) - Reflected (CWE-79)CVE-2020-3580
Medium
2021-07-29
XSS DUE TO CVE-2020-3580
U.S. Dept Of Defense Cross-site Scripting (XSS) - Reflected (CWE-79)CVE-2020-3580
Medium
2021-07-29
Reflected XSS - https://███
U.S. Dept Of Defense Cross-site Scripting (XSS) - Reflected (CWE-79)
Medium
2021-07-29
XSS Reflected on https://███ (███ parameter)
U.S. Dept Of Defense Cross-site Scripting (XSS) - Reflected (CWE-79)
Medium
2021-07-29
xss on https://███████(█████████ parameter)
U.S. Dept Of Defense Cross-site Scripting (XSS) - Reflected (CWE-79)
Medium
2021-07-29
xss reflected on https://███████- (███ parameters)
U.S. Dept Of Defense Cross-site Scripting (XSS) - Reflected (CWE-79)
Medium
2021-07-29
Cross site scripting
U.S. Dept Of Defense Cross-site Scripting (XSS) - Reflected (CWE-79)
Medium
2021-07-29
高频漏洞类型
最活跃项目
项目报告数最高赏金
U.S. Dept Of Defense896
Internet Bug Bounty817
HackerOne609
Nextcloud582
Shopify464
curl440
Node.js third-party modules307
GitLab258 $13,950
X / xAI250 $2,500
Uber239