| Report title | Weakness | Reporter | Severity | Date |
|---|---|---|---|---|
| WordPress Users Disclosure (/wp-json/wp/v2/users/) on data.gov | Information Disclosure | nagli | Medium | 2020-07-28 |
| Blind SSRF on https://labs.data.gov/dashboard/Campaign/json_status/ Endpoint | Use of Inherently Dangerous Function | mariuszpoplawski | Medium | 2020-07-10 |
| Limited LFI | Remote File Inclusion | mariuszpoplawski | Medium | 2020-07-09 |
| HTTP Request Smuggling on https://labs.data.gov | HTTP Request Smuggling | puppykok | High | 2020-05-13 |
| Open redirect in eb9f.pivcac.prod.login.gov | Open Redirect | timwhite | Low | 2020-05-12 |
| SSRF/XSPA in labs.data.gov/dashboard/validate | Server-Side Request Forgery (SSRF) | haxta4ok00 | Medium | 2020-05-05 |
| Cache poisoning DoS to various TTS assets | Violation of Secure Design Principles | nathand | High | 2020-03-12 |
| Stealing Users' OAuth Tokens through redirect_uri parameter | Open Redirect | manshum12 | High | 2019-10-01 |
| Nginx misconfiguration leading to direct PHP source code download | Information Disclosure | tolo7010 | High | 2019-07-29 |
| SQL injection in https://labs.data.gov/dashboard/datagov/csv_to_json via User-Agent | SQL Injection | harisec | Critical | 2019-03-22 |
| Multiple bugs in api.data.gov/signup endpoint allow sending custom messages to anyone | None supplied | nuke11 | Medium | 2018-11-13 |
| Redirect on authorization allows account compromise | Improper Authentication - Generic | cablej_dds | Critical | 2018-11-06 |
| Defacement of catalog.data.gov via web cache poisoning to stored DOM XSS | Cross-site Scripting (XSS) - Stored | albinowax | High | 2018-11-01 |
| [idp.fr.cloud.gov] Open Redirect | Open Redirect | bobrov | Low | 2018-11-01 |
| SSH server compatible with several vulnerable cryptographic algorithms | Use of a Broken or Risky Cryptographic Algorithm | northivanastan | Medium | 2018-03-02 |
| CI for [example.gov] can be logged in to and is accessible | Improper Access Control - Generic | kunal94 | Critical | 2018-02-07 |
| Subdomain Takeover | Privilege Escalation | picklepwns | High | 2017-11-28 |
| 2FA bypass - confirmation tokens don't expire | Improper Access Control - Generic | muskecan | Medium | 2017-11-17 |
| Error Page Content Spoofing or Text Injection | None supplied | dennis95 | No rating | 2017-11-17 |
| CSRF in generating a new Personal Key | Cross-Site Request Forgery (CSRF) | streaak2 | Medium | 2017-11-17 |
| CSRF to change Account Security Keys on secure.login.gov | Cross-Site Request Forgery (CSRF) | zk34911 | Medium | 2017-11-01 |
| Cross-Site Request Forgery on the Federalist API (all endpoints), using a Flash file on the attacker's host | Cross-Site Request Forgery (CSRF) | sp1d3rs | Medium | 2017-09-28 |
| Homograph attack | Violation of Secure Design Principles | ninjan | None | 2017-09-20 |
| [api.data.gov] Leaks a valid API key without verification | Improper Authentication - Generic | lawrenceamer | None | 2017-09-20 |
| Information disclosure (system username) in the x-amz-meta-s3cmd-attrs response header on federation.data.gov | Information Disclosure | sp1d3rs | Low | 2017-09-16 |
| Reflected XSS on data.gov (WAF bypass + Chrome XSS Auditor bypass; works in all browsers) | Cross-site Scripting (XSS) - Reflected | sp1d3rs | Medium | 2017-09-15 |
| HTML injection (with XSS possible) on https://www.data.gov/issue/ using the media_url attribute | Cross-site Scripting (XSS) - Reflected | sp1d3rs | Medium | 2017-09-15 |
| Server Side Misconfiguration (EMAIL SPOOFING) | Improper Authentication - Generic | swag01 | None | 2017-09-14 |
| Email Spoofing - SPF record set to Neutral | Violation of Secure Design Principles | ramakanthk35 | None | 2017-09-06 |
| Subdomain take-over of {REDACTED}.18f.gov | Privilege Escalation | jackds | High | 2017-09-06 |
| {REDACTED}.data.gov subdomain takeover | Violation of Secure Design Principles | edoverflow | High | 2017-09-06 |
| federalist.18f.gov vulnerable to Sweet32 attack | Man-in-the-Middle | r0p3 | Medium | 2017-09-06 |
| Double Stored Cross-Site Scripting in the admin panel | Cross-site Scripting (XSS) - Stored | sp1d3rs | Medium | 2017-09-05 |
| [IDOR] An authenticated user can restart website builds or view build logs on any other Federalist account | Insecure Direct Object Reference (IDOR) | sp1d3rs | Medium | 2017-09-05 |
| Race condition on the Federalist API endpoints can lead to Denial of Service | Violation of Secure Design Principles | sp1d3rs | Low | 2017-09-05 |
| A user who was removed from the GitHub organization can still access all Federalist functions if they did not log out | Improper Authentication - Generic | sp1d3rs | Medium | 2017-09-05 |
| The Federalist session cookie (federalist.sid) is not properly invalidated - backdoor access to the account is possible | Insufficient Session Expiration | sp1d3rs | Low | 2017-09-05 |