Sifchain Program Statistics

View program

25 total issues disclosed

$200 total paid publicly

Most disclosed (7 disclosures) — None supplied

Disclosed Reports

Report Title Vulnerability Type Disclosed By Severity Disclosed on
Misconfiguration Certificate Authority Authorization Rule Misconfiguration d4rk_r0s3 None 2021-12-09
No Valid SPF Records at sifchain.finance Violation of Secure Design Principles n33dm0n3y No rating 2021-12-09
Dependency Confusion Vulnerability in Sifnode Due to Unclaimed npm Packages. Code Injection 0xcachefl0w None 2021-12-09
Linux Desktop application "sifnoded" executable does not use Pie / no ASLR Violation of Secure Design Principles n33dm0n3y No rating 2021-12-09
Origin IP Disclosure Vulnerability None supplied uniquekamboj6738 No rating 2021-12-09
Information Disclosure at one of your subdomain Information Disclosure omemishra None 2021-12-09
Signature Verification /// golang.org/x/crypto/ssh Cryptographic Issues - Generic dpredrag High 2021-12-09
Sifchain token leak Insecure Storage of Sensitive Information abdullah321 None 2021-12-09
Sifchain Privacy Policy Webpage Uses Wordpress Default Template. Does Not Display Correct Privacy Policy. Information Disclosure masq31 None 2021-12-09
No Rate Limit in email leads to huge Mass mailings None supplied sudhakarsurya No rating 2021-12-09
Wrong Implementation of Url in https://docs.sifchain.finance/ Misconfiguration sar00n Low 2021-12-09
information disclosure None supplied virus26 No rating 2021-12-09
CSRF in newsletter form Cross-Site Request Forgery (CSRF) ph0b0s None 2021-12-09
ETHEREUM_PRIVATE_KEY leaked via github None supplied bugkillerak None 2021-12-09
Clickjacking /framing on sensitive Subdomain UI Redressing (Clickjacking) ilxax1 None 2021-12-09
No valid SPF record found Improper Authentication - Generic tamilarasi11 No rating 2021-12-09
Design Issues at Main Domain Violation of Secure Design Principles n33dm0n3y Low 2021-12-09
Username disclosure at Main Domain Information Disclosure n33dm0n3y Low 2021-12-09
Vulnerability : Email Spoofing None supplied tajammul None 2021-12-09
CORS (Cross-Origin Resource Sharing) origin validation failure None supplied 11holefinder None 2021-12-09
4 xss vulnerability dom based cwe 79 ; wordpress bootstrap.min.js is vulnerable Cross-site Scripting (XSS) - DOM rao_ji1hackerone Medium 2021-12-09
Email Spoofing bug None supplied niloychowdhury3 No rating 2021-12-09
Possible Database Details stored in values.yaml Cleartext Storage of Sensitive Information sparta5537 Medium 2021-12-09
Wrong Url in Main page of sifchain.finance Misconfiguration beebeek Low 2021-12-09
Subdomain Takeover At the Main Domain Of Your Site Improper Access Control - Generic ahmedelmalky Low 2021-05-07