关键字【Uber】的搜索结果共158记录

公开时间 奖金 作者 标题 厂商 漏洞类型
2018-11-20 $100.0 firs0v Full path disclosure on track.uber.com Uber Information Disclosure
2018-11-20 $3000.0 r0t Possibility to enumerate and bruteforce promotion codes in Uber iOS App Uber Brute Force
2018-11-20 $500.0 bobrov Open Redirect in riders.uber.com Uber Open Redirect
2018-11-20 $5000.0 appsecure_in Lack of payment type validation in dial.uber.com allows for free rides Uber Business Logic Errors
2018-11-20 $6000.0 mdv Stored XSS on any page in most Uber domains Uber Cross-site Scripting (XSS) - Stored
2018-11-13 $2000.0 fady_othman Reflected XSS on multiple uberinternal.com domains Uber Cross-site Scripting (XSS) - Reflected
2018-11-13 $500.0 fady_othman Reflected XSS in https://eng.uberinternal.com and https://coeshift.corp.uber.internal/ Uber Cross-site Scripting (XSS) - Reflected
2018-11-13 $ nightwatch-cybersecurity Privacy policy contains hardcoded link using unencrypted HTTP Uber Code Injection
2018-11-13 $6000.0 mdv Possibility to inject a malicious JavaScript code in any file on tags.tiqcdn.com results in a stored XSS on any page in most Uber domains Uber Cross-site Scripting (XSS) - Stored
2018-11-13 $500.0 4lemon Open redirect on rush.uber.com, business.uber.com, and help.uber.com Uber Open Redirect
2018-11-13 $500.0 indcyberjoker SMS/Call spamming due to truncated phone number Uber Improper Authentication - Generic
2018-11-13 $ djangohack Delay of arrears notification allows Riders to take multiple rides without paying Uber Business Logic Errors
2018-11-13 $750.0 cablej No rate limiting on https://biz.uber.com/confirm allowed an attacker to join arbitrary business.uber.com accounts Uber Improper Authentication - Generic
2018-11-13 $5000.0 nullelite Hack The World 2017 Top 2 Bonus Uber none
2018-10-04 $1000.0 0x0luke XSS on partners.uber.com due to no user input sanitisation Uber Cross-site Scripting (XSS) - Generic