TOPRAZER.md
Top reports from Razer program at HackerOne:

  1. 🐞 OS Command Injection at https://sea-web.gold.razer.com/lab/ws-lookup via IP parameter to Razer - 676 upvotes, $2000
  2. SQL injection at https://sea-web.gold.razer.com/ajax-get-status.php via txid parameter to Razer - 580 upvotes, $2000
  3. SQL Injection in https://api-my.pay.razer.com/inviteFriend/getInviteHistoryLog to Razer - 528 upvotes, $2000
  4. OTP token bypass in accessing user settings to Razer - 339 upvotes, $1000
  5. [Razer Pay Mobile App] Broken access control allowing other users' bank accounts to be deleted to Razer - 311 upvotes, $1000
  6. Reflected XSS at https://pay.gold.razer.com escalated to account takeover to Razer - 287 upvotes, $750
  7. SQL Injection at https://sea-web.gold.razer.com/lab/cash-card-incomplete-translog-resend via period-hour parameter to Razer - 240 upvotes, $2000
  8. [api.easy2pay.co] SQL Injection at fortumo via TransID parameter [Bypassing Signature Validation🔥] to Razer - 232 upvotes, $4000
  9. Admin Management - Login Using Default Password - Leads to Image Upload Backdoor/Shell to Razer - 199 upvotes, $200
  10. Through blocking the redirect in /* the attacker is able to bypass authentication to see sensitive data such as game keys, emails, ... to Razer - 196 upvotes, $1000
  11. Unauthenticated access to sensitive user information to Razer - 184 upvotes, $500
  12. SQLi at https://sea-web.gold.razer.com/demo-th/purchase-result.php via orderid parameter to Razer - 183 upvotes, $2000
  13. [IDOR] API endpoint leaking sensitive user information to Razer - 172 upvotes, $375
  14. Misconfigured S3 bucket exposure to Razer - 168 upvotes, $500
  15. Accessible Druid Monitor console on https://api.pay-staging.razer.com/ to Razer - 126 upvotes, $1500
  16. SQL injection in Razer Gold List Admin at /lists/index.php via the list[] parameter to Razer - 122 upvotes, $2000
  17. SQL Injection at api.easy2pay.co/add-on/get-sig.php via partner_id parameter to Razer - 119 upvotes, $2000
  18. HTML injection in support.razer.com [IE only] to Razer - 109 upvotes, $250
  19. DOM XSS at https://www.thx.com in IE/Edge browser to Razer - 102 upvotes, $250
  20. [Razer Pay Android App] Multiple vulnerabilities chained to allow "RedPacket" money to be stolen by a 3rd party to Razer - 84 upvotes, $1000
  21. [pay.gold.razer.com] Stored XSS - Order payment to Razer - 81 upvotes, $1500
  22. Blind SQL Injection at http://easytopup.in.th/es-services/mps.php via serial_no parameter to Razer - 80 upvotes, $1000
  23. 2FA doesn't work in "https://insider.razer.com" to Razer - 72 upvotes, $200
  24. SQL injection at https://sea-web.gold.razer.com/demo-th/goto-e2p-web-api.php via multiple parameters to Razer - 71 upvotes, $2000
  25. Blind SQL Injection (time-based payload) in https://www.easytopup.in.th/store/game/digimon-master via CheckuserForm[user_id] to Razer - 68 upvotes, $1000
  26. [SSRF] Server-Side Request Forgery at https://sea-web.gold.razer.com/dev/simulator via notify_url parameter to Razer - 60 upvotes, $2000
  27. Payment PIN Verification Bypass to Razer - 57 upvotes, $1000
  28. Reflected XSS at http://promotion.molthailand.com/index.php via promotion_id parameter to Razer - 55 upvotes, $250
  29. Insecure Logging - OWASP (2016-M2) to Razer - 45 upvotes, $400
  30. Improper access control on easytopup.in.th transaction page leads to user's information disclosure and may lead to account hijacking to Razer - 41 upvotes, $1000
  31. Improper Authorization at https://api-my.pay.razer.com/v1/trxDetail?trxId=[Id] allowing unauthorised access to other users' transaction details to Razer - 40 upvotes, $500
  32. DOM-based XSS on [hello.merchant.razer.com] to Razer - 36 upvotes, $500
  33. Cookie-based XSS on http://ftp1.thx.com to Razer - 31 upvotes, $375
  34. [razer-assets2] Listing of Amazon S3 bucket accessible to any AWS CLI to Razer - 27 upvotes, $250
  35. DLL Hijacking in Synapse 2 CrashSender1402.exe via version.dll to Razer - 26 upvotes, $750
  36. Expired reCAPTCHA site key leads to Rate Limit Bypass and Email Enumeration to Razer - 26 upvotes, $200
  37. IDOR in eform.molpay.com leads to seeing other users' application forms with private data to Razer - 21 upvotes, $500
  38. Insecure Processing of XML leads to Denial of Service through Billion Laughs Attack to Razer - 21 upvotes, $375
  39. Insecure HostnameVerifier within WebView of Razer Pay Android (TLS Vulnerability) to Razer - 20 upvotes, $750
  40. Request Smuggling vulnerability due to a vulnerable Skipper reverse proxy running in the environment to Razer - 18 upvotes, $375
  41. Subdomain takeover at iosota.razersynapse.com via Amazon S3 to Razer - 18 upvotes, $200
  42. Reflected XSS on molpay.com with Cloudflare bypass to Razer - 17 upvotes, $375
  43. Reflected XSS on https://www.easytopup.in.th/store/product/return on parameter mref_id to Razer - 17 upvotes, $250
  44. [press.razer.com] Origin IP found, Cloudflare bypassed to Razer - 17 upvotes, $200
  45. PHPInfo page on www.razer.ru to Razer - 17 upvotes, $0
  46. Access to support tickets and payment history, impersonate Razer support staff to Razer - 16 upvotes, $1500
  47. Reflected XSS at https://sea-web.gold.razer.com/cash-card/verify via channel parameter to Razer - 15 upvotes, $500
  48. Subdomain takeover at ftp.thx.com to Razer - 15 upvotes, $250
  49. AWS subdomain takeover at estore.razersynapse.com to Razer - 15 upvotes, $250
  50. https://zest.co.th/zestlinepay/checkproduct API endpoint suffers from Boolean-based SQL injection to Razer - 15 upvotes, $0
  51. Leftover back-end system on www.zest.co.th allows an unauthorized attacker to generate Razer Gold Pin for free to Razer - 14 upvotes, $375
  52. [api.easy2pay.co] SQL Injection in cashcard via card_no parameter ⭐️Bypassing IP whitelist⭐️ to Razer - 14 upvotes, $0
  53. [Razer Pay Mobile App] IDOR within /v1_IM/friends/queryDrawRedLog allowed unauthorised access to read logs to Razer - 12 upvotes, $500
  54. POST-based Reflected XSS on [https://investor.razer.com/s/ir_contact.php] to Razer - 12 upvotes, $375
  55. Helpdesk takeover (subdomain takeover) in razerzone.com domain via unclaimed Zendesk instance to Razer - 12 upvotes, $250
  56. Source Code Disclosure to Razer - 12 upvotes, $200
  57. THX Tuneup Survey feedback disclosure via Google cached content for apps.thx.com to Razer - 12 upvotes, $200
  58. DOM-based XSS on https://zest.co.th/zestlinepay/ to Razer - 10 upvotes, $200
  59. Reflected XSS in eform.molpay.com to Razer - 9 upvotes, $375
  60. AWS bucket writable on mobile.razer.com to Razer - 9 upvotes, $250
  61. Misconfigured bucket [razer-assets2] https://assets2.razerzone.com/ to Razer - 9 upvotes, $250
  62. Information disclosure at http://sea-s2s.molthailand.com/status.php to Razer - 8 upvotes, $375
  63. Race condition in OAuth 2.0 flow can let malicious applications create multiple valid sessions to Razer - 8 upvotes, $250
  64. [Razer Pay] Broken Access Control at /v1/verifyPhone/ allows enumeration of usernames and ID information to Razer - 6 upvotes, $500
  65. Stored Cross-Site Scripting - www.razer.ru to Razer - 5 upvotes, $200
  66. User Access Control bypass via Razer elevated service (RzKLService.exe), which loads an exe in a misconfigured way to Razer - 3 upvotes, $750
  67. RXSS at https://api.easy2pay.co/inquiry.php via txid parameter to Razer - 2 upvotes, $250