Deptofdefense
Most disclosed vulnerability type (42 disclosures) — Cross-site Scripting (XSS) - Generic
korprit has disclosed the most with 15 reports!
Deptofdefense's top public payouts
- Deptofdefense rewarded XSS Reflect to POST █████ with a $0 bounty!
- Deptofdefense rewarded Access to Unclassified / FOUO Advanced Motion Platform of █████████.mil with a $0 bounty!
- Deptofdefense rewarded View another user information with IDOR vulnerability with a $0 bounty!
- Deptofdefense rewarded IDOR + Account Takeover [UNAUTHENTICATED] with a $0 bounty!
- Deptofdefense rewarded CORS misconfiguration which leads to the disclosure with a $0 bounty!
Most recently disclosed
SharePoint Web Services Exposed to Anonymous Access
@ Submitted by balisong
Bug Type: Improper Access Control - Generic
Disclosed on 2020-11-24
SharePoint Web Services Exposed to Anonymous Access
@ Submitted by balisong
Bug Type: Information Disclosure
Disclosed on 2020-11-24
View another user information with IDOR vulnerability
@ Submitted by silentbreach
Bug Type: Insecure Direct Object Reference (IDOR)
Disclosed on 2020-11-23
Apparent ██████████ website is publicly exposed, suggests default account details on page and has expired SSL/TLS cert
@ Submitted by mcbazza
Bug Type: Improper Access Control - Generic
Disclosed on 2020-11-23
{███} It is possible to download all information and files via S3 Bucket Misconfiguration
@ Submitted by z3ck3bug
Bug Type: Improper Access Control - Generic
Disclosed on 2020-11-23
Unauthenticated Arbitrary File Deletion "CVE-2020-3187" in █████
@ Submitted by emad777
Bug Type: Path Traversal
Disclosed on 2020-11-23
Local File Inclusion In Registration Page
@ Submitted by moloshy
Bug Type: Path Traversal
Disclosed on 2020-11-23
CORS misconfiguration which leads to the disclosure
@ Submitted by ahmed12ossman
Bug Type: Improper Access Control - Generic
Disclosed on 2020-11-23
XSS Reflect to POST █████
@ Submitted by ofjaaah1
Bug Type: Cross-site Scripting (XSS) - Reflected
Disclosed on 2020-11-23
Reflected XSS on https://████/ (Bypass of #1002977)
@ Submitted by nagli
Bug Type: Cross-site Scripting (XSS) - Reflected
Disclosed on 2020-11-23
[SQLI] Time Based Injection at ██████████ via /██████/library.php?c=G14 parameter
@ Submitted by zinminphy00
Bug Type: SQL Injection
Disclosed on 2020-11-23
https://██████ vulnerable to CVE-2020-3187 - Unauthenticated arbitrary file deletion in Cisco ASA/FTD
@ Submitted by themastersunil
Bug Type: Improper Authentication - Generic
Disclosed on 2020-11-23
IDOR + Account Takeover [UNAUTHENTICATED]
@ Submitted by silentbreach
Bug Type: Insecure Direct Object Reference (IDOR)
Disclosed on 2020-11-09
CSRF to account takeover in https://█████/
@ Submitted by i_hack_everyone
Bug Type: Cross-Site Request Forgery (CSRF)
Disclosed on 2020-11-09
[████] SQL Injections on Referer Header exploitable via Time-Based method
@ Submitted by polygon35
Bug Type: SQL Injection
Disclosed on 2020-11-02