UPchieve


Most disclosed (2 disclosures) — None supplied

sampritdas has disclosed the most with 1 reports!

6 total issues disclosed

$0 total paid publicly


Launched on 2021-04-15

Accepts reports via HackerOne



Disclosed Reports


Report Title Vulnerability Type Disclosed By Severity Disclosed on
i can join without user and pass in this website https://argocd.upchieve.org/settings/accounts Reusing a Nonce, Key Pair in Encryption 4pag High 2021-08-18
CLICKJACKING LEADS TO DEACTIVATE ACCOUNT UI Redressing (Clickjacking) scianto05 Low 2021-08-16
Password reset token leak on third party website via Referer header Storing Passwords in a Recoverable Format n1had Medium 2021-08-10
Session Hijacking leads to full control of account by attacker None supplied sampritdas None 2021-06-24
User enumeration through forget password None supplied mr-zero High 2021-05-16
Zero click account Takeover due to Api misconfiguration 🏂🎩 Improper Access Control - Generic zero_or_1 Critical 2021-05-14