No reviews yet. Be the first to share your experience!
Latest Posts
Bugpoint
Apr 23, 2026, 11:19 PM
π· Photo
Remove Every User, Admin, And Owner Out Of Their Teams on http://developers.mtn.com/ via IDOR + Information Disclosure
π https://hackerone.com/reports/1448550
πΉ Severity: Critical
πΉ Reported To: https://hackerone.com/mtn_group
πΉ Reported By: #wallotry
πΉ State: π’ Resolved
πΉ Disclosed: December 1, 2022, 5:34pm (UTC)
568
1
0
Bugpoint
Apr 23, 2026, 11:19 PM
π· Photo
CVE-2022-45402: Apache Airflow: Open redirect during login
π https://hackerone.com/reports/1782514
πΉ Severity: Medium | π° 2,400 USD
πΉ Reported To: https://hackerone.com/ibb
πΉ Reported By: #bugra
πΉ State: π’ Resolved
πΉ Disclosed: December 1, 2022, 9:41am (UTC)
530
0
Bugpoint
Apr 23, 2026, 11:19 PM
π· Photo
Calendar name length not validated before writing to database
π https://hackerone.com/reports/1596148
πΉ Severity: Low
πΉ Reported To: https://hackerone.com/nextcloud
πΉ Reported By: #errorx404
πΉ State: π’ Resolved
πΉ Disclosed: December 1, 2022, 9:49am (UTC)
494
0
Bugpoint
Apr 23, 2026, 11:19 PM
π· Photo
Firebase Database Takeover in https://pulseradio.mtn.co.ug/
π https://hackerone.com/reports/1447751
πΉ Severity: Critical
πΉ Reported To: https://hackerone.com/mtn_group
πΉ Reported By: #shuvam321
πΉ State: π’ Resolved
πΉ Disclosed: December 1, 2022, 10:52am (UTC)
507
1
Bugpoint
Apr 23, 2026, 11:19 PM
π· Photo
Unprotected Direct Object Reference
π https://hackerone.com/reports/1536936
πΉ Severity: Critical
πΉ Reported To: https://hackerone.com/mtn_group
πΉ Reported By: #coyemerald
πΉ State: π’ Resolved
πΉ Disclosed: December 1, 2022, 5:24pm (UTC)
510
0
Bugpoint
Apr 23, 2026, 11:19 PM
π· Photo
Campaign Account Balance and History Disclosed in API Response
π https://hackerone.com/reports/1587374
πΉ Severity: Medium | π° 500 USD
πΉ Reported To: https://hackerone.com/linkedin
πΉ Reported By: #sachin_kumar_
πΉ State: π’ Resolved
πΉ Disclosed: November 30, 2022, 7:31pm (UTC)
487
0
Bugpoint
Apr 23, 2026, 11:19 PM
π· Photo
Double evaluation in .bash_prompt of dotfiles allows a malicious repository to execute arbitrary commands
π https://hackerone.com/reports/1785378
πΉ Severity: High | π° 300 USD
πΉ Reported To: https://hackerone.com/iandunn-projects
πΉ Reported By: #ryotak
πΉ State: π’ Resolved
πΉ Disclosed: December 1, 2022, 4:00am (UTC)
If the website does not impose additional defense against CSRF attacks, failing to use the 'Lax' or 'Strict' values could increase the risk of exposur
π https://hackerone.com/reports/1707680
πΉ Severity: Low
πΉ Reported To: https://hackerone.com/yelp
πΉ Reported By: #shubhangirathore836
πΉ State: π΄ N/A
πΉ Disclosed: November 30, 2022, 3:15pm (UTC)
442
0
Bugpoint
Apr 23, 2026, 11:19 PM
π· Photo
Any organization's assets pending review can be downloaded
π https://hackerone.com/reports/1787644
πΉ Severity: High
πΉ Reported To: https://hackerone.com/security
πΉ Reported By: #jobert
πΉ State: π’ Resolved
πΉ Disclosed: November 29, 2022, 6:36pm (UTC)
