DRIVE.NET, Inc. Program Statistics

View program

11 total issues disclosed

$0 total paid publicly

Most disclosed (4 disclosures) — Improper Authentication - Generic

Disclosed Reports

Report Title Vulnerability Type Disclosed By Severity Disclosed on
[www.drive2.ru] Insufficient Security Configurability - The user can using the same password as your current ID. Improper Authentication - Generic what_web Low 2020-10-23
[www.drive2.ru] Insufficient Security Configurability - The user's can set an existing password as a new password. Improper Authentication - Generic what_web Low 2020-10-23
[www.drive2.ru] Insufficient Security Configurability - Notification email is not sent when email is changed. Improper Authentication - Generic what_web Low 2020-10-23
[www.drive2.ru] Insufficient Security Configurability - Notification message not sent when account is deleted Business Logic Errors what_web Low 2020-10-23
[www.drive2.ru] Insufficient Security Configurability - Email notification is not being sent while changing passwords Improper Authentication - Generic what_web Low 2020-10-22
Testing for arbitrary HTTP methods Information Exposure Through an Error Message sandesh_shinde Low 2020-07-06
[www.drive2.ru] There is no rate limit for comments endpoints. Violation of Secure Design Principles what_web Low 2020-06-08
[www.drive2.ru] CSRF through FCTX token bypass Cross-Site Request Forgery (CSRF) what_web Medium 2020-03-31
[www.drive2.ru] CSRF through FCTX token bypass Cross-Site Request Forgery (CSRF) what_web Medium 2020-03-31
Хранимый XSS в Business-аккаунте, на странице компании Cross-site Scripting (XSS) - Stored konqi High 2020-01-17
Same site Scripting None supplied dre4dp1r4terob3rts Low 2020-01-13