Security

Sophos Central Privilege Escalation

17 April 2024·1 min· loading · loading

Sophos Bug Bounty Sophos Sophos Central Sophos Privilege Escalation

InfiniteWP Client <= 1.12.3 - Unauthenticated Sensitive Information Exposure

17 April 2024·1 min· loading · loading

InfiniteWP Client Exploit InfiniteWP Client Vulnerability CVE-2023-6565 CVE-2021-41180

Hardcoded Secret Key on eGovPH App

22 December 2023·1 min· loading · loading

Vulnerability Disclosure DICT eGovPH Responsible Disclosure

Full Passcode bypass on Nextcloud App iOS

14 May 2023·1 min· loading · loading

Nextcloud bugbounty CVE-2023-28647

Ability to read any emails through IDOR on Nextcloud Mail

12 May 2023·1 min· loading · loading

Nextcloud bugbounty CVE-2023-25160

Messages can still be seen on conversation after expiring when cron is misconfigured

1 May 2023·1 min· loading · loading

Nextcloud bugbounty CVE-2023-26041

Ability to control the filename when uploading a logo or favicon on theming

10 April 2023·1 min· loading · loading

Nextcloud bugbounty CVE-2023-28833

Passcode bypass on Talk Android app

5 January 2023·1 min· loading · loading

Nextcloud bugbounty CVE-2023-22473

File and Chat disclosure by calling the device while its in locked state

9 March 2022·1 min· loading · loading

Nextcloud bugbounty CVE-2021-41181

Nextcloud Talk ObjectId in share location can be set to open arbitrary URL or Deeplinks

8 March 2022·1 min· ·

Nextcloud bugbounty CVE-2021-41180

Sophos Secure Workspace App Password Bypass using Race Condition

30 October 2021·2 mins· loading · loading

Sophos bugbounty race condition Sophos Secure Workspace CVE-2021-36808

Breaking the Doors: Paypal 2-Factor Bypass

2 December 2020·1 min· loading · loading

Paypal bugbounty Two Factor Authentication Bypass Paypal 2FA Bypass

404 Not Found: Vulnerability Disclosure in the Philippines

29 November 2020·3 mins· loading · loading

Opinion Vulnerability Disclosure Philippines

CVE-2020-12832

16 May 2020·1 min· loading · loading

Wordpress CVE-2020-12832 Path Traversal

Non-Verified User can Submit Report,View Disclosed Reports | Secuna bug bounty

13 February 2020·2 mins· loading · loading

Secuna bugbounty

Exposed S3 Credentials of QuadX

29 October 2019·2 mins· loading · loading

quadx vdp hardcoded credentials

Rootcon CTF 2019 | Kahl Dereta Write Up

29 September 2019·1 min· loading · loading

rootcon Capture The Flag

Insufficient Rate Limitting on Facebook Fundraisers

13 August 2019·1 min· loading · loading

facebook bugbounty Insufficient Rate Limit

CVE-2019-5450

15 July 2019·1 min· loading · loading

Nextcloud android bbp

CVE-2018-19937

30 January 2019·1 min· loading · loading

vlc ios vdp