关键字【Uber】的搜索结果共171记录

公开时间 奖金 作者 标题 厂商 漏洞类型
2019-02-08 $5000.0 appsecure_in Client secret, server tokens for developer applications returned by internal API Uber Information Disclosure
2019-01-25 $3000.0 seifelsallamy Reflected XSS POST method at partners.uber.com Uber Cross-site Scripting (XSS) - Reflected
2019-01-25 $7500.0 ngalog Chained Bugs to Leak Victim's Uber's FB Oauth Token Uber Improper Authentication - Generic
2019-01-25 $3000.0 ak1t4 Subdomain takeover at signup.uber.com Uber Privilege Escalation
2019-01-25 $500.0 cablej IDOR in activateFuelCard id allows bulk lookup of driver uuids Uber Insecure Direct Object Reference (IDOR)
2019-01-25 $8000.0 ngalog Open Redirect on central.uber.com allows for account takeover Uber Improper Authentication - Generic
2018-12-19 $500.0 vijay_kumar1110 IDOR on partners.uber.com allows for a driver to override administrator documents Uber Insecure Direct Object Reference (IDOR)
2018-12-19 $2000.0 reptou XSS in ubermovement.com via editable Google Sheets Uber Cross-site Scripting (XSS) - Stored
2018-12-19 $3000.0 hussain_0x3c Reflected XSS in lert.uber.com Uber Cross-site Scripting (XSS) - Reflected
2018-12-19 $500.0 hanuman1 SMS URL verification link does not expire on phone number change and lacks rate limiting Uber Improper Authentication - Generic
2018-12-19 $6000.0 vijay_kumar1110 Site-wide CSRF on eats.uber.com Uber Cross-Site Request Forgery (CSRF)
2018-12-19 $ filedescryptor lert.uber.com: Few default folders/files of AURA Framework are accessible Uber Information Disclosure
2018-12-19 $ jigarthakkar39 Physical Access to Mobile App Allows Local Attribute Updates without Authentication Uber Improper Authentication - Generic
2018-11-20 $100.0 firs0v Full path disclosure on track.uber.com Uber Information Disclosure
2018-11-20 $3000.0 r0t Possibility to enumerate and bruteforce promotion codes in Uber iOS App Uber Brute Force