Security

Full Passcode bypass on Nextcloud App iOS

14 May 2023·1 min· 0 · 0

Nextcloud bugbounty CVE-2023-28647

Ability to read any emails through IDOR on Nextcloud Mail

12 May 2023·1 min· 0 · 0

Nextcloud bugbounty CVE-2023-25160

Messages can still be seen on conversation after expiring when cron is misconfigured

1 May 2023·1 min· 0 · 0

Nextcloud bugbounty CVE-2023-26041

Ability to control the filename when uploading a logo or favicon on theming

10 April 2023·1 min· 0 · 0

Nextcloud bugbounty CVE-2023-28833

Passcode bypass on Talk Android app

5 January 2023·1 min· 0 · 0

Nextcloud bugbounty CVE-2023-22473

File and Chat disclosure by calling the device while its in locked state

9 March 2022·1 min· 0 · 0

Nextcloud bugbounty CVE-2021-41181

Nextcloud Talk ObjectId in share location can be set to open arbitrary URL or Deeplinks

8 March 2022·1 min· ·

Nextcloud bugbounty CVE-2021-41180

Sophos Secure Workspace App Password Bypass using Race Condition

30 October 2021·2 mins· 0 · 0

Sophos bugbounty race condition Sophos Secure Workspace CVE-2021-36808

Breaking the Doors: Paypal 2-Factor Bypass

2 December 2020·1 min· 0 · 0

Paypal bugbounty Two Factor Authentication Bypass Paypal 2FA Bypass

404 Not Found: Vulnerability Disclosure in the Philippines

29 November 2020·3 mins· 0 · 0

Opinion Vulnerability Disclosure Philippines

CVE-2020-12832

16 May 2020·1 min· 0 · 0

Wordpress CVE-2020-12832 Path Traversal

Non-Verified User can Submit Report,View Disclosed Reports | Secuna bug bounty

13 February 2020·2 mins· 0 · 0

Secuna bugbounty

Exposed S3 Credentials of QuadX

29 October 2019·2 mins· 0 · 0

quadx vdp hardcoded credentials

Rootcon CTF 2019 | Kahl Dereta Write Up

29 September 2019·1 min· 0 · 0

rootcon Capture The Flag

Insufficient Rate Limitting on Facebook Fundraisers

13 August 2019·1 min· 0 · 0

facebook bugbounty Insufficient Rate Limit

CVE-2019-5450

15 July 2019·1 min· 0 · 0

Nextcloud android bbp

CVE-2018-19937

30 January 2019·1 min· 0 · 0

vlc ios vdp