目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1110

100%
请我们喝杯咖啡

漏洞赏金情报

数据来源:HackerOne 公开披露报告 · 每 6 小时更新

浏览 HackerOne 平台公开披露的漏洞赏金报告,按严重程度、漏洞类型或目标项目筛选,关联 CVE 编号。

已披露报告
12,250
关联 CVE
1,864
参与项目数
343
近 7 天新增
10
严重度: All CriticalHighMediumLow
类型: 全部 Information Disclosure 1173 Cross-site Scripting (XSS) … 747 Violation of Secure Design … 719 Improper Access Control - Generic 658 Improper Authentication - Generic 653 Cross-site Scripting (XSS) … 513 Uncontrolled Resource Consumption 483 Cross-site Scripting (XSS) … 461 Cross-Site Request Forgery (CSRF) 421 Privilege Escalation 375
XSS on gravatar
Automattic Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-09-07
Stored XSS on this link https://sehacure.slack.com/help/requests/
Slack Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-08-30
XSS on [/concrete/concrete/elements/dashboard/sitemap.php]
Concrete CMS Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-08-28
XSS in Theme Preview Tools File
Concrete CMS Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-08-28
Cross-Site Scripting in getMarketplacePurchaseFrame
Concrete CMS Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-08-18
XSS ON MOPUB.COM
X / xAI Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-08-15
XSS in editor by any user
Phabricator Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-08-13
xss in simperium.com
Automattic Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-08-10
XSS Reflected - https://www.stopthehacker.com/
StopTheHacker Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-08-08
Cross site scripting in type parameter
Uzbey Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-08-07
Stored XSS in username.slack.com
Slack Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-08-07
Cross Site Scripting (XSS) - app.relateiq.com
RelateIQ Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-08-07
Unchecking hidden parameter is vulnerable to XSS-attack
Khan Academy Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-08-07
Here is another XSS i got for you
MoneyStream Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-08-06
XSS vulnerability in video player page
X / xAI Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-08-02
XSS
jsDelivr Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-07-29
Flash XSS on swfupload.swf showing at app.mavenlink.com
Mavenlink Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-07-24
IFXSS (image filename XSS) by creating a new Photo Gallery
Uzbey Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-07-23
XSS in Stopthehacker support
StopTheHacker Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-07-19
Album image XSS
Uzbey Cross-site Scripting (XSS) - Generic (CWE-79)
Unknown
2014-07-18
高频漏洞类型
最活跃项目
项目报告数最高赏金
U.S. Dept Of Defense896
Internet Bug Bounty817 $2,257
HackerOne609
Nextcloud584
Shopify464
curl459
Node.js third-party modules307
GitLab258
X / xAI250 $2,500
Uber239