目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1336 CNY

100%

漏洞赏金情报

数据来源:HackerOne 公开披露报告 · 每 6 小时更新

浏览 HackerOne 平台公开披露的漏洞赏金报告,按严重程度、漏洞类型或目标项目筛选,关联 CVE 编号。

已披露报告
12,262
关联 CVE
1,866
参与项目数
343
近 7 天新增
0
项目筛选:stripo
Medium
2024-02-15
Medium
2024-02-15
Non-revoked API Key Information disclosure via Stripo_report()
Stripo Inc Cleartext Storage of Sensitive Information (CWE-312)
Medium
2022-08-25
Insecure Storage and Overly Permissive API Keys
Stripo Inc Missing Encryption of Sensitive Data (CWE-311)
Medium
2022-03-30
Stored XSS at Module Name
Stripo Inc Cross-site Scripting (XSS) - Stored (CWE-79)
Medium
2021-04-12
Stored XSS in the banner block description
Stripo Inc Cross-site Scripting (XSS) - Stored (CWE-79)
Medium
2021-03-09
Medium
2021-01-11
No rate limiting - Create data
Stripo Inc Business Logic Errors (CWE-840)
Medium
2021-01-05
Medium
2021-01-05
Medium
2020-12-04
Race condition on my.stripo.email at /cabinet/stripeapi/v1/projects/298427/emails/folders uri
Stripo Inc Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CWE-362)
Medium
2020-11-09
Public and secret api key leaked in JavaScript source
Stripo Inc Cleartext Storage of Sensitive Information (CWE-312)
Medium
2020-09-29
高频漏洞类型
最活跃项目
项目报告数最高赏金
U.S. Dept Of Defense896
Internet Bug Bounty817 $2,257
HackerOne609
Nextcloud584
Shopify465
curl464
Node.js third-party modules307
GitLab258
X / xAI250 $7,000
Uber239