Japz DivinoforPINOY WHITE HATh4nt3rx.hashnode.dev·Aug 7, 2023HackerOne redacted usernames disclosure in "Export as .pdf" featureSeverity: Low (3.4)Weakness: Sensitive Information DisclosureBounty: $500 Hello hunters! I just want to share these new findings on the HackerOne bug bounty platform. First, I just wanna let you know that I disagree with the rated severity being Low...Discuss·465 readsbugbounty
Rameshsil3ntkill3r.hashnode.dev·Jun 28, 2023Sensitive Data Exposure Through Password Reset Functionality - Bug BountyHi there 👋, Hope you're doing well. Today, I'm excited to share one of my interesting discoveries in bug hunting. WHO AM I ?🎭 My self Ramesh. I am a security researcher, moreover certified ethical hacker(CEH), bug bounty hunter and CTF player. Dedi...Discuss·5 likes·425 readsbugbounty
Zeeshan MustafaforHack The Planet 🌎z-sec.co·Mar 29, 2023Hacking Admin Panel & Getting free subscriptionNote: For maintaining the program's privacy I won't disclose the program. So, a few months back I and Haseeb were hunting on a private program and the program is a services-based company that has paid services only. So the program had very limited as...Discuss·2.7K readshacking
Veshraj GhimireforInfos3c Blogsread.infos3c.net·Nov 23, 2022Interesting Stored XSS via meta dataBack in February of this year, Bibek Neupane and I had hacked on a private bug bounty program on Hackerone, we had chosen one of the social platform as our target. This post will detail how we discovered Stored Cross-Site Scripting via meta data on o...Discuss·5 likes·423 readsXSS
Saajan BhujelforInfos3c Blogsread.infos3c.net·Oct 22, 2022Password Reset Token Leak via X-Forwarded-HostHi everyone, I am Saajan Bhujel. Student of Bachelor of Commerce(B.Com) and also I am a Bug Bounty Hunter. This is my 1st blog, if you find any spelling mistakes, so please bear with me for the next few minutes. And this blog is about a vulnerability...Discuss·270 readshackerone
