Deptofdefense


Most disclosed vulnerability type (42 disclosures) — Cross-site Scripting (XSS) - Generic

korprit has disclosed the most with 15 reports!

208 total issues disclosed

$0 total paid publicly


Accepts reports via HackerOne

Most recently disclosed


IDOR + Account Takeover [UNAUTHENTICATED]

@ Submitted by silentbreach
Bug Type: Insecure Direct Object Reference (IDOR)

Disclosed on 2020-11-09

Rating: Critical


CSRF to account takeover in https://█████/

@ Submitted by i_hack_everyone
Bug Type: Cross-Site Request Forgery (CSRF)

Disclosed on 2020-11-09

Rating: Critical


403 Forbidden Bypass at www.██████.mil

@ Submitted by soldawn
Bug Type: Forced Browsing

Disclosed on 2020-11-02

Rating: Medium


hardcoded password stored in javascript of https://████.mil

@ Submitted by x3ph_
Bug Type: Use of Hard-coded Password

Disclosed on 2020-11-02

Rating: High


Reflected XSS in https://███████ via search parameter

@ Submitted by kegn
Bug Type: Cross-site Scripting (XSS) - Reflected

Disclosed on 2020-11-02

Rating: Medium


PII Leak (such as CAC User ID) at https://████████/pages/login.aspx

@ Submitted by pi_hunter50
Bug Type: Insecure Storage of Sensitive Information

Disclosed on 2020-11-02

Rating: Medium


[████] SQL Injections on Referer Header exploitable via Time-Based method

@ Submitted by polygon35
Bug Type: SQL Injection

Disclosed on 2020-11-02

Rating: High


Access to Unclassified / FOUO Advanced Motion Platform of █████████.mil

@ Submitted by kaulse
Bug Type: Improper Access Control - Generic

Disclosed on 2020-11-02

Rating: Medium


[SQLI] Time Based Injection at ██████████ via referer header

@ Submitted by yassinek3ch
Bug Type: SQL Injection

Disclosed on 2020-10-16

Rating: High


CSRF to account takeover in https://███████.mil/

@ Submitted by dhakal_bibek
Bug Type: Cross-Site Request Forgery (CSRF)

Disclosed on 2020-10-16

Rating: Critical


[CVE-2020-3452] Unauthenticated file read in Cisco ASA

@ Submitted by mzfr
Bug Type: Path Traversal

Disclosed on 2020-10-16

Rating: High


[██████████.mil] Cisco VPN Service Path Traversal

@ Submitted by arm4nd0
Bug Type: Path Traversal

Disclosed on 2020-10-16

Rating: High


External Service Interaction | https://█████████.mil

@ Submitted by x3ph_
Bug Type: Information Disclosure

Disclosed on 2020-10-16

Rating: High