Tools for Humanity Program Statistics
4 total issues disclosed
$3,300 total paid publicly
Most disclosed (1 disclosure) — Business Logic Errors
Disclosed Reports
| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
|---|---|---|---|---|
| Unlock underage blocked app without support interaction using airplane mode | Business Logic Errors | polem4rch | Low | 2025-06-30 |
| [Meetup][World ID][OIDC] Insufficient Filtering of "state" Parameter in Response Mode form_post leads to XSS and ATO | Cross-Site Scripting (XSS) | lauritz | Critical | 2024-06-19 |
| IDOR - Leaking of team data (name, email, ID, member ID) via POST /api/v1/graphql `FetchMemberships` operation | Insecure Direct Object Reference (IDOR) | oneagha | Medium | 2024-05-09 |
| Race Condition Enables Bypassing Verification Check | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') | toormund | High | 2024-04-04 |