Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / the-xss-rat/hd-issues issues and pull requests
#24 - Broken access control on https://hackerats.com/userOverview.php (Severity: High)
Issue -
State: closed - Opened by CaptainNox over 2 years ago
- 2 comments
#23 - Privilege escalation via CSRF
Issue -
State: closed - Opened by CaptainNox over 2 years ago
- 1 comment
#22 - Stored XSS in https://hackerats.com/adminOverviewReportedDMs.php leads to ATO (Severity: CRITICAL)
Issue -
State: closed - Opened by CaptainNox over 2 years ago
- 1 comment
#21 - Reflected XSS on https://hackerats.com/customerQuery.php (Severity: Medium)
Issue -
State: closed - Opened by CaptainNox over 2 years ago
- 1 comment
#20 - Stored XSS on https://hackerats.com/enterLinks.php (Severity: Medium)
Issue -
State: closed - Opened by CaptainNox over 2 years ago
- 3 comments
Labels: enhancement
#19 - SQL Injection on https://hackerats.com/task.php (Severity: CRITICAL)
Issue -
State: closed - Opened by CaptainNox over 2 years ago
- 1 comment
#18 - Reflected XSS on https://hackerats.com/mentorReply.php (Severity: Medium)
Issue -
State: closed - Opened by CaptainNox over 2 years ago
- 1 comment
#17 - Full account takeover by stealing the password reset token via CORS misconfiguration at https://hackerats.com/userPanel.php
Issue -
State: closed - Opened by rohsec over 2 years ago
#16 - Reflected/Stored XSS via the sort parameter on https://hackerats.com/index.php
Issue -
State: closed - Opened by rohsec over 2 years ago
- 1 comment
#15 - Suggestion
Issue -
State: open - Opened by 0rgis over 2 years ago
Labels: enhancement
#14 - Reflected XSS on /dm.php on parameter id
Issue -
State: closed - Opened by rondons over 2 years ago
- 1 comment
Labels: bug
#13 - BLIND SQLI on /userTaskView.php on parameter stepID
Issue -
State: closed - Opened by rondons over 2 years ago
- 1 comment
Labels: bug
#12 - Suggestions adjustment webserver
Issue -
State: closed - Opened by 8linkz over 2 years ago
Labels: bug
#12 - Suggestions adjustment webserver
Issue -
State: closed - Opened by 8linkz over 2 years ago
Labels: bug
#11 - Vote does not validate the session cookie
Issue -
State: closed - Opened by rondons over 2 years ago
- 1 comment
#10 - BLIND SQLI on /setPartner.php on parameter activate
Issue -
State: closed - Opened by rondons over 2 years ago
- 1 comment
Labels: bug
#9 - SQLI on /writeMessage.php on parameter receiverID
Issue -
State: closed - Opened by rondons over 2 years ago
- 1 comment
#8 - SQLI on /userTaskView.php on parameter Id
Issue -
State: closed - Opened by rondons over 2 years ago
- 1 comment
Labels: bug
#7 - Can message users that don't exit yet. IDOR on receiverID
Issue -
State: open - Opened by rondons over 2 years ago
Labels: enhancement
#6 - CSRF at /index.php?vote=1&postID=ID
Issue -
State: closed - Opened by rondons over 2 years ago
- 1 comment
Labels: enhancement
#5 - CSRF at /setPartner.php?activate=1
Issue -
State: closed - Opened by rondons over 2 years ago
- 1 comment
Labels: enhancement
#4 - Directory browsing enabled
Issue -
State: closed - Opened by 4e0x over 2 years ago
- 1 comment
#3 - Non working register code
Issue -
State: closed - Opened by YSSVirus over 2 years ago
- 2 comments
#2 - Reset Password does not work.
Issue -
State: closed - Opened by ivars-vids over 2 years ago
- 2 comments
#1 - Admin privileges due to weak JWT implementation
Issue -
State: closed - Opened by 4e0x over 2 years ago
- 3 comments