Affirm Program Statistics
5 total issues disclosed
$4,500 total paid publicly
Most disclosed (1 disclosure) — Business Logic Errors
Disclosed Reports
| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
|---|---|---|---|---|
| IDOR to view order information of users and personal information | Insecure Direct Object Reference (IDOR) | xfiltrer | Medium | 2021-12-06 |
| Open Redirect | Open Redirect | litt1eb0y | Low | 2021-08-31 |
| Subdomain takeover due to non registered TLD [ ██████████.█████.██████.com ] | Improper Access Control - Generic | 0xprial | Low | 2021-08-31 |
| Subdomain takeover of www█████████.affirm.com | Business Logic Errors | ian | Medium | 2021-08-18 |
| Absence of Token expiry leads to Unauthorized login Access | Improper Authentication - Generic | yogesh_ojha | Critical | 2020-12-01 |