Azbuka Vkusa Program Statistics
7 total issues disclosed
$4,150 total paid publicly
Most disclosed (2 disclosures) — Information Disclosure
Disclosed Reports
Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
---|---|---|---|---|
Endpoint without access control leads to order informations and status changes | Information Disclosure | cabelo | Critical | 2021-12-09 |
Reflected XSS in photogallery component on [https://market.av.ru] | Cross-site Scripting (XSS) - Reflected | haxta4ok00 | Medium | 2021-12-01 |
Reflected XSS on av.ru via `q` parameter at https://av.ru/collections/* | Cross-site Scripting (XSS) - Reflected | ronr | Medium | 2021-11-19 |
Мисконфигурация Cisco Smart Install | Misconfiguration | kerbyj | Critical | 2021-11-16 |
Corporate Jira credentials disclosed in public gist | Information Disclosure | mkhazov | High | 2021-11-15 |
IDOR - Other user's delivery address disclosed | Insecure Direct Object Reference (IDOR) | sachin_kumar_ | High | 2021-11-15 |
Leak of Google Sheets API credentials | Cleartext Transmission of Sensitive Information | adsec2s | High | 2021-11-15 |