关键字【Zomato】的搜索结果共81记录

公开时间 奖金 作者 标题 厂商 漏洞类型
2018-10-05 $100.0 areizen Reflected XSS on developers.zomato.com Zomato Cross-site Scripting (XSS) - Reflected
2018-09-17 $1500.0 akhil-reni [www.zomato.com] Tampering with Order Quantity and paying less amount then actual amount, leads to business loss Zomato Business Logic Errors
2018-09-11 $2000.0 gerben_javado [www.zomato.com] SQLi - /php/██████████ - item_id Zomato SQL Injection
2018-09-11 $300.0 shivasurya Phishing user to download malicious app could lead to leakage of User Access Token, Email, Name and Profile photo via exported RemoteService Zomato Information Disclosure
2018-09-05 $600.0 emitrani IDOR to delete images from other stores Zomato Insecure Direct Object Reference (IDOR)
2018-06-17 $650.0 bagipro [Zomato Android/iOS] Theft of user session Zomato none
2018-05-30 $1000.0 saltedfish [www.zomato.com] SQLi on `order_id` parameter Zomato SQL Injection
2018-05-09 $ gcurtiss_ XSS in "explore-keywords-dropdown" results. Zomato Cross-site Scripting (XSS) - Reflected
2018-04-28 $100.0 riya [www.zomato.com] IDOR - Gold Subscription Details, Able to view "Membership ID" and "Validity Details" of other Users Zomato Insecure Direct Object Reference (IDOR)
2018-04-26 $100.0 inferno- [Zomato's Blog] POST based XSS on https://www.zomato.com/blog/wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=8.2 Zomato Cross-site Scripting (XSS) - Reflected
2018-04-26 $700.0 bigshaq [www.zomato.com] Abusing LocalParams to Inject Code through ███████ query Zomato none
2018-04-25 $250.0 harsh13 [www.zomato.com] Getting a complimentary dessert [Zomato Treats] on ordering a Meal at no cost Zomato none
2018-04-25 $100.0 harsh13 IDOR in treat subscriptions Zomato Insecure Direct Object Reference (IDOR)
2018-04-15 $ foobar7 Clickjacking: Delete Account, Change privacy settings, Rate business, follow/unfollow (IE) Zomato UI Redressing (Clickjacking)
2018-04-02 $ mrtn Outdated MediaElement.js Reflected Cross-Site Scripting (XSS) Zomato Cross-site Scripting (XSS) - Generic