目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

漏洞赏金情报

数据来源:HackerOne 公开披露报告 · 每 6 小时更新

浏览 HackerOne 平台公开披露的漏洞赏金报告,按严重程度、漏洞类型或目标项目筛选,关联 CVE 编号。

已披露报告
12,219
关联 CVE
1,854
参与项目数
342
近 7 天新增
11
严重度: All CriticalHighMediumLow
类型: 全部 Information Disclosure 1173 Cross-site Scripting (XSS) … 747 Violation of Secure Design … 719 Improper Access Control - Generic 656 Improper Authentication - Generic 652 Cross-site Scripting (XSS) … 513 Uncontrolled Resource Consumption 483 Cross-site Scripting (XSS) … 461 Cross-Site Request Forgery (CSRF) 421 Privilege Escalation 375
项目筛选:mtn_group
No password length restriction in reset password endpoint at http://suppliers.mtn.cm
MTN Group
Critical
2022-09-05
firebase credentials leaks @ ███████
MTN Group Information Disclosure (CWE-200)
Medium
2022-09-05
firebase credentials leaks @ https://mpulse.mtnonline.com
MTN Group Information Disclosure (CWE-200)
Medium
2022-09-05
CVE-2021-38314 @ https://www.mtn.ci
MTN Group CVE-2021-38314
Medium
2022-09-05
CVE-2021-38314 @ https://www.mtn.co.rw
MTN Group CVE-2021-38314
Unknown
2022-09-05
Exposed gitlab repo at https://adammanco.mtn.com/api/v4/projects
MTN Group Information Disclosure (CWE-200)
Low
2022-09-05
Information disclosure through django debug mode
MTN Group Information Exposure Through Debug Information (CWE-215)
Medium
2022-09-05
IDOR Leads To Account Takeover Without User Interaction
MTN Group Insecure Direct Object Reference (IDOR) (CWE-639)
Critical
2022-09-04
path traversal vulnerability in Grafana 8.x allows " local file read "
MTN Group
Critical
2022-09-03
Weak/Auto Fill Password
MTN Group Insufficiently Protected Credentials (CWE-522)
Critical
2022-09-03
Wordpress users disclosure from json and xml file
MTN Group Information Disclosure (CWE-200)
Low
2022-09-02
Sensitive Information Disclosure Through Config File
MTN Group Cleartext Storage of Sensitive Information (CWE-312)
High
2022-09-01
Default Admin Username and Password on remedysso.mtncameroon.net
MTN Group
High
2022-09-01
Password reset token leak on third party website via Referer header [██████████]
MTN Group
Medium
2022-09-01
Remote code execution due to unvalidated file upload
MTN Group Improper Input Validation (CWE-20)
Critical
2022-09-01
Default Login Credentials on https://broadbandmaps.mtn.com.gh/
MTN Group Improper Access Control - Generic (CWE-284)
Critical
2022-08-25
Blind SSRF External Interaction on ████████
MTN Group Server-Side Request Forgery (SSRF) (CWE-918)
High
2022-08-21
cross site scripting in : mtn.bj
MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)
High
2022-08-06
Open redirection at https://smartreports.mtncameroon.net
MTN Group Open Redirect (CWE-601)
Low
2022-07-30
POST BASED REFLECTED XSS IN dailydeals.mtn.co.za
MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)
High
2022-07-15
高频漏洞类型
最活跃项目
项目报告数最高赏金
U.S. Dept Of Defense896
Internet Bug Bounty817
HackerOne609
Nextcloud582
Shopify464
curl439
Node.js third-party modules307
GitLab258
X / xAI250 $2,500
Uber239 $9,895