U.S. Dept Of Defense - HackerOne Bug Reports

Public U.S. Dept Of Defense bug reports.

4,419 Bug Reports - $2,030,173 Paid Out
Last Updated: 12th September, 2017

Team	Bounty	Title
U.S. Dept Of Defense	-	Remote Code Execution (RCE) vulnerability in a DoD website
U.S. Dept Of Defense	-	Remote Code Execution (RCE) in a DoD website
U.S. Dept Of Defense	-	Remote Code Execution (RCE) vulnerability in multiple DoD websites
U.S. Dept Of Defense	-	Arbitary file download vulnerability on a DoD website
U.S. Dept Of Defense	-	Arbitary file download vulnerability on a DoD website
U.S. Dept Of Defense	-	Limited code execution vulnerability on a DoD website
U.S. Dept Of Defense	-	Cross-site scripting (XSS) vulnerability on a DoD website
U.S. Dept Of Defense	-	SQL Injection vulnerability in a DoD website
U.S. Dept Of Defense	-	Information disclosure vulnerability on a DoD website
U.S. Dept Of Defense	-	Remote code execution (RCE) in multiple DoD websites
U.S. Dept Of Defense	-	SQL Injection vulnerability in a DoD website
U.S. Dept Of Defense	-	Cross-site scripting (XSS) vulnerability on a DoD website
U.S. Dept Of Defense	-	Reflected XSS on a DoD website
U.S. Dept Of Defense	-	Reflected XSS vulnerability on a DoD website
U.S. Dept Of Defense	-	Information disclosure vulnerability on a DoD website
U.S. Dept Of Defense	-	Reflected XSS in a DoD Website
U.S. Dept Of Defense	-	SQL Injection vulnerability in a DoD website
U.S. Dept Of Defense	-	Remote Command Execution on a DoD website
U.S. Dept Of Defense	-	Blind SQLi vulnerability in a DoD Website
U.S. Dept Of Defense	-	Remote Code Execution (RCE) in a DoD website
U.S. Dept Of Defense	-	Remote code execution vulnerability on a DoD website
U.S. Dept Of Defense	-	Remote Code Execution (RCE) in a DoD website
U.S. Dept Of Defense	-	Remote Code Execution (RCE) in a DoD website
U.S. Dept Of Defense	-	Information disclosure vulnerability on a DoD website
U.S. Dept Of Defense	-	Cross-site scripting (XSS) vulnerability on a DoD website
U.S. Dept Of Defense	-	Remote file inclusion vulnerability on a DoD website
U.S. Dept Of Defense	-	Reflected XSS vulnerability in a DoD website
U.S. Dept Of Defense	-	Potentially sensitive information disclosure on a DoD website
U.S. Dept Of Defense	-	Insecure Direct Object Reference (IDOR) vulnerability in a DoD website
U.S. Dept Of Defense	-	Remote code execution vulnerability on a DoD website
U.S. Dept Of Defense	-	Bypass file access control vulnerability on a DoD website
U.S. Dept Of Defense	-	Cross-site scripting (XSS) on a DoD website
U.S. Dept Of Defense	-	Cross-site request forgery (CSRF) vulnerability in a DoD website
U.S. Dept Of Defense	-	Remote command execution (RCE) vulnerability on a DoD website
U.S. Dept Of Defense	-	SQL injection vulnerability on a DoD website
U.S. Dept Of Defense	-	Stored XSS vulnerability on a DoD website
U.S. Dept Of Defense	-	SQL Injection vulnerability in a DoD website
U.S. Dept Of Defense	-	SQL injection vulnerability on a DoD website
U.S. Dept Of Defense	-	Information disclosure vulnerability on a DoD website
U.S. Dept Of Defense	-	Privilege Escalation on a DoD Website
U.S. Dept Of Defense	-	Reflected XSS vulnerability on a DoD website
U.S. Dept Of Defense	-	Misconfigured user account settings on DoD website
U.S. Dept Of Defense	-	SQL Injection vulnerability in a DoD website
U.S. Dept Of Defense	-	Information disclosure vulnerability on a DoD website
U.S. Dept Of Defense	-	Information disclosure vulnerability on a DoD website
U.S. Dept Of Defense	-	Local file inclusion vulnerability on a DoD website
U.S. Dept Of Defense	-	Blind SQLi in a DoD Website
U.S. Dept Of Defense	-	Information disclosure vulnerability on a DoD website
U.S. Dept Of Defense	-	Information disclosure vulnerability on a DoD website
U.S. Dept Of Defense	-	Information disclosure vulnerability on a DoD website
U.S. Dept Of Defense	-	Exposed Access Control Data Backup Files on DoD Website
U.S. Dept Of Defense	-	HTML Injection/Load Images vulnerability on a DoD website
U.S. Dept Of Defense	-	SQL injection vulnerability in a DoD website
U.S. Dept Of Defense	-	Password reset vulnerability on a DoD website
U.S. Dept Of Defense	-	Reflected XSS on a DoD website
U.S. Dept Of Defense	-	SQL injection vulnerability on a DoD website
U.S. Dept Of Defense	-	Misconfigured password reset vulnerability on a DoD website
U.S. Dept Of Defense	-	Reflected XSS on a DoD website
U.S. Dept Of Defense	-	SQL injection vulnerability on a DoD website
U.S. Dept Of Defense	-	Server-side include injection vulnerability in a DoD website
U.S. Dept Of Defense	-	XSS vulnerability on a DoD website
U.S. Dept Of Defense	-	Server side information disclosure
U.S. Dept Of Defense	-	Remote code execution vulnerability on a DoD website
U.S. Dept Of Defense	-	SQL Injection vulnerability in a DoD website
U.S. Dept Of Defense	-	SQL Injection vulnerability in a DoD website
U.S. Dept Of Defense	-	Default credentials on a DoD website
U.S. Dept Of Defense	-	HTML injection vulnerability on a DoD website
U.S. Dept Of Defense	-	Cross-site request forgery (CSRF) vulnerability on a DoD website
U.S. Dept Of Defense	-	Server side information disclosure on a DoD website
U.S. Dept Of Defense	-	Cross-site request forgery vulnerability on a DoD website
U.S. Dept Of Defense	-	DOM Based XSS on a DoD website
U.S. Dept Of Defense	-	DOM Based XSS on an Army website
U.S. Dept Of Defense	-	Reflected cross-site scripting (XSS) vulnerability on a DoD website
U.S. Dept Of Defense	-	File upload vulnerability on a DoD website
U.S. Dept Of Defense	-	Reflected XSS on a DoD website
U.S. Dept Of Defense	-	Reflected XSS on a DoD website
U.S. Dept Of Defense	-	Time Based SQL Injection vulnerability on a DoD website
U.S. Dept Of Defense	-	Server Side Request Forgery (SSRF) vulnerability in a DoD website
U.S. Dept Of Defense	-	Information disclosure vulnerability on a DoD website
U.S. Dept Of Defense	-	Information disclosure on a DoD website
U.S. Dept Of Defense	-	SQL injection vulnerability on a DoD website
U.S. Dept Of Defense	-	Reflected XSS on a DoD website
U.S. Dept Of Defense	-	QuickTime Promotion on a DoD website
U.S. Dept Of Defense	-	SQL injection vulnerability on a DoD website
U.S. Dept Of Defense	-	Time Based SQL Injection vulnerability on a DoD website
U.S. Dept Of Defense	-	XXE on DoD web server
U.S. Dept Of Defense	-	Reflected XSS in a Navy website
U.S. Dept Of Defense	-	Remote code execution on an Army website
U.S. Dept Of Defense	-	Personal information disclosure on a DoD website
U.S. Dept Of Defense	-	Violation of secure design principles on a DoD website
U.S. Dept Of Defense	-	Open redirect vulnerability in a DoD website
U.S. Dept Of Defense	-	XSS vulnerability on an Army website
U.S. Dept Of Defense	-	Reflected XSS vulnerability on a DoD website
U.S. Dept Of Defense	-	Persistent XSS vulnerability on a DoD website
U.S. Dept Of Defense	-	Authentication bypass vulnerability on a DoD website
U.S. Dept Of Defense	-	Arbitrary Script Injection (Mail) in a DoD Website
U.S. Dept Of Defense	-	Open Redirect in a DoD website
U.S. Dept Of Defense	-	Information disclosure vulnerability on a DoD website
U.S. Dept Of Defense	-	Cross-Site Scripting (XSS) on a DoD website
U.S. Dept Of Defense	-	Arbitary file download vulnerability on a DoD website
U.S. Dept Of Defense	-	Information disclosure on a DoD website
U.S. Dept Of Defense	-	DNS Misconfiguration
U.S. Dept Of Defense	-	Cross-site scripting (XSS) vulnerability on a DoD website
U.S. Dept Of Defense	-	Information disclosure vulnerability in a DoD website
U.S. Dept Of Defense	-	Information disclosure vulnerability on a DoD website
U.S. Dept Of Defense	-	Information leakage on a Department of Defense website
U.S. Dept Of Defense	-	SQL Injection vulnerability on a DoD website
U.S. Dept Of Defense	-	Insecure direct object reference vulnerability on a DoD website
U.S. Dept Of Defense	-	Stored cross site scripting (XSS) vulnerability on a DoD website
U.S. Dept Of Defense	-	XSS on a DoD website
U.S. Dept Of Defense	-	Reflected XSS on a DoD website
U.S. Dept Of Defense	-	Unrestricted File Upload
U.S. Dept Of Defense	-	Cross-site scripting vulnerability on a DoD website
U.S. Dept Of Defense	-	Information disclosure vulnerability on a DoD website
U.S. Dept Of Defense	-	Cross-site scripting (XSS) vulnerability on a DoD website
U.S. Dept Of Defense	-	Reflected XSS on a Department of Defense website
U.S. Dept Of Defense	-	RCE on a Department of Defense website
U.S. Dept Of Defense	-	Reflected XSS on a DoD website
U.S. Dept Of Defense	-	Reflected XSS on an Army website
U.S. Dept Of Defense	-	Reflected XSS vulnerability on a DoD website
U.S. Dept Of Defense	-	Information disclosure on a DoD website
U.S. Dept Of Defense	-	Reflected cross-site scripting vulnerability on a DoD website
U.S. Dept Of Defense	-	Local File Inclusion vulnerability on an Army system allows downloading local files
U.S. Dept Of Defense	-	Stored cross-site scripting (XSS) on a DoD website
U.S. Dept Of Defense	-	Unrestricted File Download / Path Traversal
U.S. Dept Of Defense	-	Reflected XSS on a Navy website
U.S. Dept Of Defense	-	Reflected XSS on a DoD website
U.S. Dept Of Defense	-	Reflected XSS on a Department of Defense website
U.S. Dept Of Defense	-	Reflective XSS vulnerability on a DoD website
U.S. Dept Of Defense	-	Reflected XSS on a DoD website
U.S. Dept Of Defense	-	Reflected XSS vulnerability on a DoD website