Top 100 Upvoted Reports

Top 100 upvoted reports from HackerOne:

Takeover an account that doesn't have a Shopify ID and more to Shopify - 2600 upvotes, $23550
Takeover an account that doesn't have a Shopify ID and more to Shopify - 2600 upvotes, $23550
Takeover an account that doesn't have a Shopify ID and more to Shopify - 2600 upvotes, $23550
Bypass for #488147 enables stored XSS on https://paypal.com/signin again to PayPal - 2494 upvotes, $20000
Email Confirmation Bypass in myshop.myshopify.com that Leads to Full Privilege Escalation to Any Shop Owner by Taking Advantage of the Shopify SSO to Shopify - 1694 upvotes, $16000
Email Confirmation Bypass in myshop.myshopify.com that Leads to Full Privilege Escalation to Any Shop Owner by Taking Advantage of the Shopify SSO to Shopify - 1694 upvotes, $16000
Email Confirmation Bypass in myshop.myshopify.com that Leads to Full Privilege Escalation to Any Shop Owner by Taking Advantage of the Shopify SSO to Shopify - 1694 upvotes, $16000
Account takeover via leaked session cookie to HackerOne - 1447 upvotes, $20000
Arbitrary file read via the UploadsRewriter when moving and issue to GitLab - 1393 upvotes, $20000
Token leak in security challenge flow allows retrieving victim's PayPal email and plain text password to PayPal - 1301 upvotes, $15300
RCE on Steam Client via buffer overflow in Server Info to Valve - 1243 upvotes, $18000
Potential pre-auth RCE on Twitter VPN to Twitter - 1135 upvotes, $20160
Confidential data of users and limited metadata of programs and reports accessible via GraphQL to HackerOne - 946 upvotes, $20000
[Part II] Email Confirmation Bypass in myshop.myshopify.com that Leads to Full Privilege Escalation to Shopify - 849 upvotes, $15000
Mass account takeovers using HTTP Request Smuggling on https://slackb.com/ to steal session cookies to Slack - 799 upvotes, $6500
WannaCrypt “Killswitch” to HackerOne - 790 upvotes, $10000
DoS on PayPal via web cache poisoning to PayPal - 790 upvotes, $9700
Remote Code Execution on www.semrush.com/my_reports on Logo upload to Semrush - 768 upvotes, $10000
H1514 Remote Code Execution on kitcrm using bulk customer update of Priority Products to Shopify - 748 upvotes, $15000
Git flag injection - local file overwrite to remote code execution to GitLab - 743 upvotes, $12000
Exfiltrate and mutate repository and project data through injected templated service to GitLab - 727 upvotes, $11000
SQL Injection Extracts Starbucks Enterprise Accounting, Financial, Payroll Database to Starbucks - 714 upvotes, $4000
JumpCloud API Key leaked via Open Github Repository. to Starbucks - 703 upvotes, $4000
RCE via npm misconfig -- installing internal libraries from the public registry to PayPal - 680 upvotes, $30000
🐞 OS Command Injection at https://sea-web.gold.razer.com/lab/ws-lookup via IP parameter to Razer - 676 upvotes, $2000
🐞 OS Command Injection at https://sea-web.gold.razer.com/lab/ws-lookup via IP parameter to Razer - 676 upvotes, $2000
Use-After-Free In IPV6_2292PKTOPTIONS leading To Arbitrary Kernel R/W Primitives to PlayStation - 675 upvotes, $10000
Websites Can Run Arbitrary Code on Machines Running the 'PlayStation Now' Application to PlayStation - 671 upvotes, $15000
IDOR to add secondary users in www.paypal.com/businessmanage/users/api/v1/users to PayPal - 663 upvotes, $10500
Subdomain Takeover to Authentication bypass to Roblox - 659 upvotes, $2500
Webshell via File Upload on ecjobs.starbucks.com.cn to Starbucks - 657 upvotes, $4000
SQL injection in https://labs.data.gov/dashboard/datagov/csv_to_json via User-agent to TTS Bug Bounty - 650 upvotes, $2000
Stored XSS on https://paypal.com/signin via cache poisoning to PayPal - 633 upvotes, $18900
Reflected XSS on https://www.glassdoor.com/employers/sem-dual-lp/ to Glassdoor - 626 upvotes, $1000
Sensitive user information disclosure at bonjour.uber.com/marketplace/_rpc via the 'userUuid' parameter to Uber - 611 upvotes, $6500
Time-Based SQL injection at city-mobil.ru to Mail.ru - 609 upvotes, $15000
Email address of any user can be queried on Report Invitation GraphQL type when username is known to HackerOne - 605 upvotes, $8500
Getting all the CD keys of any game to Valve - 597 upvotes, $20000
[phpobject in cookie] Remote shell/command execution to Pornhub - 595 upvotes, $20000
Ability to reset password for account to Upserve - 595 upvotes, $3500
Stored XSS in Wiki pages to GitLab - 590 upvotes, $4500
Stored XSS on imgur profile to Imgur - 586 upvotes, $650
SQL injection at https://sea-web.gold.razer.com/ajax-get-status.php via txid parameter to Razer - 580 upvotes, $2000
Bypassing Digits origin validation which leads to account takeover to Twitter - 576 upvotes, $5040
Customer private program can disclose email any users through invited via username to HackerOne - 557 upvotes, $7500
Github Token Leaked publicly for https://github.sc-corp.net to Snapchat - 552 upvotes, $15000
Request smuggling on admin-official.line.me could lead to account takeover to LINE - 547 upvotes, $9000
My Expense Report resulted in a Server-Side Request Forgery (SSRF) on Lyft to Lyft - 547 upvotes, $0
Local files could be overwritten in GitLab, leading to remote command execution to GitLab - 531 upvotes, $12000
Privilege Escalation From user to SYSTEM via unauthenticated command execution to Ubiquiti Inc. - 531 upvotes, $16109
SQL Injection in https://api-my.pay.razer.com/inviteFriend/getInviteHistoryLog to Razer - 528 upvotes, $2000
Email Confirmation Bypass in your-store.myshopify.com which leads to privilege escalation to Shopify - 527 upvotes, $22500
Stealing Zomato X-Access-Token: in Bulk using HTTP Request Smuggling on api.zomato.com to Zomato - 521 upvotes, $5000
The return of the ＜ to Rockstar Games - 518 upvotes, $1000
RCE and Complete Server Takeover of http://www.█████.starbucks.com.sg/ to Starbucks - 515 upvotes, $4000
Shopify Stocky App OAuth Misconfiguration to Shopify - 508 upvotes, $5000
[Grab Android/iOS] Insecure deeplink leads to sensitive information disclosure to Grab - 503 upvotes, $7500
SSRF in Exchange leads to ROOT access in all instances to Shopify - 491 upvotes, $25000
Password theft login.newrelic.com via Request Smuggling to New Relic - 475 upvotes, $3000
Able to Become Admin for Any LINE Official Account to LINE - 474 upvotes, $4750
Remote Code Execution in Slack desktop apps + bonus to Slack - 469 upvotes, $1750
BAD Code ! to Paragon Initiative Enterprises - 468 upvotes, $0
Reflected XSS in OAUTH2 login flow to LINE - 462 upvotes, $1989
Steal ALL collateral during liquidation by exploiting lack of validation in flip.kick to Maker Ecosystem Growth Holdings, Inc - 461 upvotes, $50000
profile-picture name parameter with large value lead to DoS for other users and programs on the platform to HackerOne - 455 upvotes, $2500
SQL injection on contactws.contact-sys.com in TScenObject action ScenObjects leads to remote code execution to QIWI - 450 upvotes, $5500
XSS in steam react chat client to Valve - 444 upvotes, $7500
XSS vulnerable parameter in a location hash to Slack - 435 upvotes, $1100
How the Bug stole hacking to HackerOne - 435 upvotes, $0
Cross-Site-Scripting on www.tiktok.com and m.tiktok.com leading to Data Exfiltration to TikTok - 433 upvotes, $3860
Project Template functionality can be used to copy private project data, such as repository, confidential issues, snippets, and merge requests to GitLab - 431 upvotes, $12000
Blind SQL Injection to InnoGames - 427 upvotes, $2000
Access to multiple production Grafana dashboards to Snapchat - 423 upvotes, $10000
Open prod Jenkins instance to Snapchat - 419 upvotes, $15000
touch.mail.ru / e.mail.ru memory content disclosure to Mail.ru - 406 upvotes, $10000
Panorama UI XSS leads to Remote Code Execution via Kick/Disconnect Message to Valve - 404 upvotes, $9000
CRLF injection to Twitter - 404 upvotes, $2940
Unrestricted file upload on [ambassador.mail.ru] to Mail.ru - 402 upvotes, $3000
Employee's GitHub Token Found In Travis CI Build Logs to Grammarly - 388 upvotes, $5000
Account Takeover worki.ru to Mail.ru - 388 upvotes, $1700
gitlab-workhorse bypass in Gitlab::Middleware::Multipart allowing files in allowed_paths to be read to GitLab - 387 upvotes, $10000
H1514 Server Side Template Injection in Return Magic email templates? to Shopify - 384 upvotes, $10000
Denial of service to WP-JSON API by cache poisoning the CORS allow origin header to Automattic - 383 upvotes, $550
Remote code execution on Basecamp.com to Basecamp - 383 upvotes, $5000
Blind XSS on image upload to CS Money - 382 upvotes, $1000
Stored XSS Vulnerability to WordPress - 381 upvotes, $500
Read-only application can publish/delete fleets to Twitter - 377 upvotes, $7700
Chained Bugs to Leak Victim's Uber's FB Oauth Token to Uber - 375 upvotes, $7500
Reflected XSS and sensitive data exposure, including payment details, on lioncityrentals.com.sg to Uber - 364 upvotes, $4000
Cross-organization data access in city-mobil.ru to Mail.ru - 363 upvotes, $8000
SQL injection at fleet.city-mobil.ru to Mail.ru - 360 upvotes, $10000
Account TakeOver at my.33slona.ru to Mail.ru - 359 upvotes, $1700
Account TakeOver at my.33slona.ru to Mail.ru - 359 upvotes, $1700
RCE on shared.mail.ru due to "widget" plugin to Mail.ru - 358 upvotes, $10000
H1514 Ability to MiTM Shopify PoS Session to Takeover Communications to Shopify - 351 upvotes, $13337
URL link spoofing to Slack - 349 upvotes, $250
Bypass of GitLab CI runner slash fix in YAML validation to GitLab - 348 upvotes, $12000
JSON serialization of any Project model results in all Runner tokens being exposed through Quick Actions to GitLab - 347 upvotes, $12000
Server Side Request Forgery (SSRF) at app.hellosign.com leads to AWS private keys disclosure to Dropbox - 346 upvotes, $4913
Stored XSS in wordpress.com to Automattic - 345 upvotes, $650

Back

PreviousTop Paid Reports NextRed Team Cheatsheet

Last updated 9 months ago