Internet Bug Bounty


12 total issues disclosed

$43,840 total paid publicly


Most disclosed (3 disclosures) — Classic Buffer Overflow

View disclosed reports



Disclosed Reports


Report Title Vulnerability Type Disclosed By Severity Disclosed on
Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) (CVE-2021-42013) Path Traversal fms Critical 2021-11-19
Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.50 Path Traversal: '.../...//' itsecurityco Critical 2021-11-19
Ruby - Regular Expression Denial of Service Vulnerability of Date Parsing Methods Denial of Service svalkanov Medium 2021-11-19
The Host Authorization middleware in Action Pack is vulnerable to crafted X-Forwarded-Host values Open Redirect mshtawythug Medium 2021-11-18
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 Path Traversal monkey_logic Critical 2021-11-09
Request line injection via HTTP/2 in Apache mod_proxy None supplied albinowax Medium 2021-11-04
"urllib" will result to deny of service None supplied 4nim4l Low 2021-10-21
CVE-2021-3711: SM2 decrypt buffer overflow Classic Buffer Overflow ouyang High 2021-09-27
1-byte heap buffer overflow in DNS resolver Off-by-one Error luismerino Medium 2021-08-27
HTTP Smuggling multiple issues in Squid 3.x & squid 4.x HTTP Response Splitting regilero Critical 2021-08-26
UrnState Heap Overflow Classic Buffer Overflow jeriko_one Critical 2021-08-26
Buffer overflow in PyCArg_repr in _ctypes/callproc.c for Python 3.x to 3.9.1 Classic Buffer Overflow jordyzomer High 2021-08-25