Reports in the Paragon Initiative Enterprises program:

| S.No | Title | Bounty |
|------|-------|--------|
| 1 | Email Spoofing With Your Website's Email | $0.0 |
| 2 | [Airship CMS] Local File Inclusion - RST Parser | $0.0 |
| 3 | Not clearing hex-decoded variable after usage in Authentication | $0.0 |
| 4 | DMARC Not found for paragonie.com URGENT | $0.0 |
| 5 | BAD Code ! | $0.0 |
| 6 | Missing GIT tag/commit verification in Docker | $0.0 |
| 7 | Using plain git protocol (vulnerable to MITM) | $0.0 |
| 8 | Not using Binary::safe* functions for substr/strlen function | $0.0 |
| 9 | Missing rel=noopener noreferrer in target=_blank links (Phishing attack) | $0.0 |
| 10 | Incorrect detection of onion URLs | $0.0 |
| 11 | directory information disclose | $0.0 |
| 12 | Subdomain Takeover | $0.0 |
| 13 | I am because bug | $0.0 |
| 14 | Cross-site-Scripting | $0.0 |
| 15 | Full Path Disclousure on https://airship.paragonie.com | $0.0 |
| 16 | no session logout after changing the password in https://bridge.cspr.ng/ | $0.0 |
| 17 | There is an vulnerability in https://bridge.cspr.ng where an attacker can users directory | $0.0 |
| 18 | Improper validation of Email | $0.0 |
| 19 | Broken Authentication & Session Management - Failure to Invalidate Session on all other browsers at Password change | $0.0 |
| 20 | Full directory path listing | $0.0 |
| 21 | Directory Disclose,Email Disclose Zendmail vulnerability | $0.0 |
| 22 | [Critical] billion dollars issue | $0.0 |
| 23 | Paragonie Airship Admin CSRF on Extensions Pages | $0.0 |
| 24 | Invited user to a Author profile can remove the owner of that Author | $0.0 |
| 25 | Improper access control lead To delete anyone comment | $0.0 |
| 26 | CSRF token does not valided during blog comment | $0.0 |
| 27 | Non-secure requests are not automatically upgraded to HTTPS | $0.0 |
| 28 | Full Path Disclosure in airship.paragonie.com '/cabins/' | $0.0 |
| 29 | SMTP server allows anonymous relay from internal addresses to internal addresses | $0.0 |
| 30 | Full Path Disclosure in password lock | $0.0 |
| 31 | Your Application Have Cacheable SSL Pages | $0.0 |
| 32 | Full Path Disclosure In EasyDB | $0.0 |
| 33 | Incomplete fix for #181225 (target=_blank vulnerability) | $0.0 |
| 34 | Airship: Persistent XSS via Comment | $0.0 |
| 35 | Github repo's wiki publicly editable | $0.0 |
| 36 | Github wikis are editable by anyone https://github.com/paragonie/password_lock/wiki | $0.0 |
| 37 | Recaptcha Secret key Leaked | $0.0 |