17 matches found

GithubExploit
added 2026/04/27 5:51 p.m., 72 views

name-Omni

Omni – Autonomous Red Team Lead & Bug Bounty Hunter Powered...

AI score: 5.7
Exploits: 0
GithubExploit
added 2026/03/08 5:34 a.m., 352 views

claude-bug-bounty

Claude Bug Bounty Hunter The AI-native bug bounty framework...

AI score: 6
Exploits: 0
EUVD
added 2025/12/02 1:42 a.m., 2 views

EUVD-2025-200129

HackerOne community member Kassem S.kassems94 has reported that username handling in Revive Adserver was still vulnerable to impersonation attacks after the fix for CVE-2025-52672, via several alternate techniques. Homoglyph-based impersonation has been independently reported by other HackerOne...

CVSS: 5.4, AI score: 5.5, EPSS: 0.00025
Exploits: 1, References: 2
Gitee
added 2025/07/27 4:55 a.m., 101 views

AllVideoPocsFromHackerOne

This is an offensive tool for retrieving public reports from HackerOne, a bug bounty platform. The tool, named "AllPocsFromHackerOne," is designed to grab public reports from HackerOne and categorize vulnerabilities by technique. It appears to be a Python script that utilizes the HackerOne API to...

AI score: 7.2
Exploits: 0
Hacker One
added 2023/04/27 8:51 a.m., 39 views

Omise: Subdomain takeover http://accessday.opn.ooo/

Vulnerability description not provided...

AI score: 7.1
Exploits: 0
Cvelist
added 2021/11/19 6:08 p.m., 10 views

CVE-2021-22970

Concrete CMS (formerly concrete5) versions 8.5.6 and below and version 9.0.0 allow local IP importing, causing the system to be vulnerable to a. SSRF attacks on the private LAN servers by reading files from the local LAN. An attacker can pivot in the private LAN and exploit local network apps and b. SS...

AI score: 7.8, EPSS: 0.00386
Exploits: 0, References: 3
Hacker One
added 2021/08/19 4:19 a.m., 65 views

XVIDEOS: Text injection or content spoofing on forbidden page

Hello Team, while enumerating directories of xvideos.com I found that 403 forbidden directories are reflecting on the page, so I created some custom words to change the mind of customers that the website is under construction so please visit attacker site. Reproduction steps: domain: www.xvideos.c...

AI score: 0.6
Exploits: 0
Hacker One
added 2021/04/27 1:54 a.m., 12 views

Sifchain: Email Spoofing bug

Hi team, An SPF/DMARC record is a type of Domain Name Service (DNS) record that identifies which mail servers are permitted to send email on behalf of your domain. The purpose of an SPF/DMARC record is to prevent spammers from sending messages on the behalf of your organization. Remediation: Create...

AI score: 6.6
Exploits: 0
Hacker One
added 2021/04/15 10:20 p.m., 78 views

UPchieve: No Rate Limit On Reset Password

Welcome all: I found that there is no rate limit on reset password in https://app.upchieve.org/resetpassword. Summary: No rate limit check on forgot password, which can lead to mass mailing and spamming of users and possibly employees. A little bit about Rate Limit: A rate limiting algorithm is used...

AI score: 6.8
Exploits: 0
Hacker One
added 2020/10/11 10:46 p.m., 32 views

Automattic: [api.tumblr.com] Denial of Service by cookies manipulation

Hello. Summary: I have found at api.tumblr.com two parameters, consumerkey && consumersecret, that allow modifying the oa-consumerkey && oaconsumersecret cookie values and properties. An attacker can send a malicious link to reset the cookies of api.tumblr.com; this leads to DoS. To trigger the DoS, the...

AI score: 0.3
Exploits: 0
Hacker One
added 2020/08/30 3:13 p.m., 402 views

CS Money: Pixel Flood Attack leads to Application level DoS

Summary: Hello Team, I had gone through your policy and I saw that DoS is out of scope, but I am not sure about application-level DoS. Another reason to report this attack is that it affects real customers who want to chat with your support team. I had tested this with two accounts: 1. From...

AI score: 6.7
Exploits: 0
Kitploit
added 2020/05/19 12:30 p.m., 87 views

Open Sesame - A Tool Which Runs To Display Random Publicly Disclosed Hackerone Reports When Bored

A Python tool which runs to display random publicly disclosed Hackerone reports when bored. Automatically opens the report in the browser. Contains over 8k publicly disclosed Hackerone reports and an additional wordlist of 700 bug bounty writeups. This is a productivity tool for security enthusiasts and bug...

AI score: 7.2
Exploits: 0, References: 1
Hacker One
added 2020/04/10 2:57 a.m., 96 views

Topcoder: SVG file upload leads to XML injection

Summary: The Upload Avatar option allows the user to upload image/*, thus enabling the upload of many file formats including SVG files (MIME type: image/svg+xml). SVG files are XML-based graphics files for 2D images. Thus, this opens up an attack vector to upload specially crafted malicious SVG files. Th...

AI score: 0.1
Exploits: 0
Hacker One
added 2019/05/12 5:02 a.m., 31 views

X (Formerly Twitter): login csrf in analytics.mopub.com

Description: There is no csrftoken validation while logging in, which leads to CSRF. Base request: POST /login HTTP/1.1 Host: analytics.mopub.com Connection: close Content-Length: 37 Accept: application/json, text/plain, */* Origin: https://analytics.mopub.com User-Agent: Mozilla/5.0 Windows NT 10....

AI score: 6.6
Exploits: 0
Hacker One
added 2017/09/27 3:28 a.m., 26 views

Bitwarden: Export vault feature is vulnerable to CSV injection

Hello guys, I don't know if you care about this issue, but it seems that the export feature in your https://vault.bitwarden.com//tools is vulnerable to CSV injection. If a CSV contains a malicious command it may have a big impact. Even though there is a popup notification for users before opening the...

AI score: 0.8
Exploits: 0
Friends Of PHP
added 2016/10/31 9:00 a.m., 12 views

Local File Inclusion Vulnerability

More info at https://hackerone.com/reports/179034...

AI score: 0.1
Exploits: 0, Affected Software: 1
Hacker One
added 2016/01/28 7:57 p.m., 17 views

Paragon Initiative Enterprises: Cross-domain AJAX request

Hi Paragonie Team, While reviewing your website I discovered that there are cross-domain AJAX requests being sent. Though you are implementing the Content-Security-Policy header, Internet Explorer uses the experimental X-Content-Security-Policy header according to Wikipedia info...

AI score: 0.2
Exploits: 0