H1-ctf


37 total issues disclosed

$1,350 total paid publicly


Most disclosed (11 disclosures) — None supplied

View disclosed reports



Disclosed Reports


Report Title Vulnerability Type Disclosed By Severity Disclosed on
ccc ctf SQL Injection shamollash Critical 2021-06-23
HackerOne’s 100K CTF Writeup XML External Entities (XXE) rykkard Critical 2021-06-21
100K CTF's Writeup SQL Injection dexter0us Critical 2021-06-21
CCC H1 June 2021 CTF Writeup XML External Entities (XXE) pmnh Critical 2021-06-21
Adam and the Deadly Injections Out-of-bounds Read akshansh Critical 2021-06-18
H1-CTF 100k Solution - Congratz on the 100k Rep todayisnew SQL Injection w31rd0 Critical 2021-06-17
[100K-ctf] Multiple vulnerabilities leading to compromise of Pinger instance. None supplied nukedx No rating 2021-06-17
How The Hackers Saved Christmas Information Disclosure nytr0gen Critical 2021-01-11
[h1-2006 2020] Bounty payments are done ! Server-Side Request Forgery (SSRF) louzogh Critical 2020-09-14
[h1-2006 2020] Bounty payments are done ! Server-Side Request Forgery (SSRF) louzogh Critical 2020-09-14
[H1-2006 2020] CTF Writeup None supplied yashrs No rating 2020-07-06
[H1-2006 2020] CTF Writeup Server-Side Request Forgery (SSRF) leoastorga_g Critical 2020-06-23
[H1-2006 2020] Bypassing access control checks by modifying the URL, internal application state, or the HTML page, or using a custom API attack tool Privilege Escalation bcobain23 Critical 2020-06-22
[H1-2006 2020] Multiple vulnerabilities allow to leak sensitive information Improper Access Control - Generic zoczus No rating 2020-06-22
[H1-2006 2020] From multiple vulnerabilities to complete ATO on any customer account and staff admin Violation of Secure Design Principles rreiss Critical 2020-06-22
[H1-2006] CTF Writeup Improper Access Control - Generic nirvana_msu Critical 2020-06-19
[h1-2006 2020] CTF Walkthrough Server-Side Request Forgery (SSRF) meraxes Critical 2020-06-18
[H1-2006 2020] Connecting the dots to send hackers their Bug Bounty Code Injection akshansh Critical 2020-06-18
[H1-2006 2020] Writeup Improper Access Control - Generic njbooher No rating 2020-06-18
[H1-2006 2020] Multiple vulnerabilities leading account takeover Privilege Escalation nukedx Critical 2020-06-18
[H1-2006 2020] 36 hours of brain cycles utilized on solving a neat puzzle None supplied 0xatul No rating 2020-06-18
[H1-2006 2020] CTF Writeup! None supplied sw33tlie Critical 2020-06-18
[H1-2006 2020] I successfully solved it! None supplied zeroxyele Critical 2020-06-18
[H1-2006 2020] CTF Writeup Server-Side Request Forgery (SSRF) 0xcaptainfreak Critical 2020-06-18
h1-ctf writeup , finally paid the payments by chaining multiple bugs Information Disclosure d1r3wolf Critical 2020-06-18
[H1-2006 2020] H1-2006 CTF Writeup Information Disclosure nytr0gen Critical 2020-06-18
[H1-2006 2020] I successfully solved it! None supplied zeroxyele Critical 2020-06-18
[H1-2006 2020] Flag for H1-CTF None supplied batee5a No rating 2020-06-18
[H1-2006 2020] [Multiple Vulnerability] CTF Writeup - @abdilahrf_ None supplied abdilahrf_ Critical 2020-06-18
[H1-2006 2020] CTF write-up Privilege Escalation diegobernal Critical 2020-06-18
[h1-2006 2020] Write up for H1-2006 CTF None supplied zer0ttl Critical 2020-06-18
[H1-2006 2020] CTF Writeup None supplied hipotermia Critical 2020-06-18
[H1-2006 2020] Bounty Pay CTF challenge Improper Access Control - Generic 0xfd Critical 2020-06-18
[H1-2006 2020] I made the CEO's bounty payment! None supplied bugra Critical 2020-06-18
[h1-415 2020] Spent a week and failed at solving the last step. Improper Access Control - Generic s1r1u5 Critical 2020-02-04
[h1-415 2020] Multiple vulnerabilities leading to leaking of secret user files Server-Side Request Forgery (SSRF) nukedx Critical 2020-02-03
[H1-415 2020] CTF Writeup Server-Side Request Forgery (SSRF) manoelt Critical 2020-02-03