TOPUPLOAD.md

Top Upload reports from HackerOne:

  1. Remote Code Execution on www.semrush.com/my_reports on Logo upload to Semrush - 799 upvotes, $0
  2. Webshell via File Upload on ecjobs.starbucks.com.cn to Starbucks - 675 upvotes, $0
  3. Blind XSS on image upload to CS Money - 420 upvotes, $1000
  4. Unrestricted file upload on [ambassador.mail.ru] to Mail.ru - 404 upvotes, $3000
  5. [ RCE ] Through stopping the redirect in /admin/* the attacker able to bypass Authentication And Upload Malicious File to Mail.ru - 340 upvotes, $0
  6. Unrestricted file upload leads to Stored XSS to Visma Public - 268 upvotes, $250
  7. SSRF leaking internal google cloud data through upload function [SSH Keys, etc..] to Vimeo - 252 upvotes, $0
  8. Arbitrary File Upload to Stored XSS to Visma Public - 245 upvotes, $250
  9. Unrestricted File Upload Leads to RCE on mobile.starbucks.com.sg to Starbucks - 227 upvotes, $0
  10. Admin Management - Login Using Default Password - Leads to Image Upload Backdoor/Shell to Razer - 199 upvotes, $200
  11. External SSRF and Local File Read via video upload due to vulnerable FFmpeg HLS processing to TikTok - 144 upvotes, $2727
  12. Unrestricted file upload in www.semrush.com > /my_reports/api/v1/upload/image to Semrush - 124 upvotes, $0
  13. User can upload files even after closing his account to Basecamp - 113 upvotes, $0
  14. XXE Injection through SVG image upload leads to SSRF to Zivver - 112 upvotes, $0
  15. Insecure file upload in xiaoai.mi.com Lead to Stored XSS to Xiaomi - 109 upvotes, $0
  16. Unrestricted File Upload on https://partner.tiktokshop.com/wsos_v2/oec_partner/upload to TikTok - 104 upvotes, $0
  17. [insideok.ru] Remote Command Execution via file upload. to ok.ru - 94 upvotes, $0
  18. Avatar upload allows arbitrary file overwriting to Mail.ru - 88 upvotes, $750
  19. Unrestricted file upload leads to Stored XSS to GitLab - 84 upvotes, $0
  20. Unauthenticated user can upload an attachment to the last updated report draft to HackerOne - 81 upvotes, $0
  21. XSS from arbitrary attachment upload. to Qulture.Rocks - 74 upvotes, $0
  22. Open s3 bucket allows for public upload to Augur - 73 upvotes, $100
  23. Unrestricted File Upload at ██████████ to Mars - 70 upvotes, $0
  24. SSRF and local file disclosure by video upload on https://www.redtube.com/upload to Pornhub - 61 upvotes, $500
  25. Cross site scripting via file upload in subdomain ads.tiktok.com to TikTok - 61 upvotes, $500
  26. Singapore - Unrestricted File Upload Leads to XSS on campaign.starbucks.com.sg/api/upload to Starbucks - 58 upvotes, $0
  27. Unrestricted file upload when creating quotes allows for Stored XSS to Visma Public - 57 upvotes, $250
  28. Stored XSS on upload files leads to steal cookie to Palo Alto Software - 56 upvotes, $0
  29. Unrestricted File Upload Results in Cross-Site Scripting Attacks to Uber - 54 upvotes, $0
  30. insecure storage of information, you can view any file uploaded to the server without authentication and only with a single link to Radancy - 54 upvotes, $0
  31. After the upload of an private file, using transformations, the file becomes public without the possibility of changing it. to Mozilla - 54 upvotes, $0
  32. SSRF and local file disclosure by video upload on https://www.tube8.com/ to Pornhub - 53 upvotes, $500
  33. [Kafka Connect] [JdbcSinkConnector][HttpSinkConnector] RCE by leveraging file upload via SQLite JDBC driver and SSRF to internal Jolokia to Aiven Ltd - 50 upvotes, $5000
  34. SSRF in VCARD photo upload functionality to Open-Xchange - 49 upvotes, $850
  35. IDOR in upload videos of a Channel on https://video.ibm.com to IBM - 46 upvotes, $0
  36. China - ecjobsdc.starbucks.com.cn html/shtml file upload vulnerability to Starbucks - 45 upvotes, $0
  37. XSS Stored via Upload avatar PNG [HTML] File in accounts.shopify.com to Shopify - 44 upvotes, $0
  38. forum.getmonero.org Shell upload to Monero - 40 upvotes, $0
  39. Shell upload in http://widget.support.my.com/ to Mail.ru - 36 upvotes, $1000
  40. SSRF and local file disclosure by video upload on http://www.youporn.com/ to Pornhub - 35 upvotes, $500
  41. Upload profile photo from URL to HackerOne - 32 upvotes, $0
  42. Unrestricted File Upload Blind Stored Xss in subdomain ads.tiktok.com to TikTok - 31 upvotes, $250
  43. Upload Profile Photo in any folder you want with any extension you want to Stripo Inc - 31 upvotes, $0
  44. RCE in profile picture upload to HackerOne - 30 upvotes, $0
  45. Unrestricted File Upload to U.S. Dept Of Defense - 30 upvotes, $0
  46. Unrestricted File Upload on reddit.secure.force.com to Reddit - 27 upvotes, $100
  47. SSRF in upload IMG through URL to Discourse - 27 upvotes, $64
  48. No validation to Image upload user can upload ( php APK zip files and can be used as storage purpose) to Linktree - 27 upvotes, $0
  49. SVG file that HTML Included is able to upload via File Manager to Concrete CMS - 26 upvotes, $0
  50. Shell upload in partner service to Mail.ru - 25 upvotes, $500
  51. RCE via File Upload with a Null Byte Truncated File Extension at https://██████/ to U.S. Dept Of Defense - 24 upvotes, $0
  52. Wordpress 4.7.2 - Two XSS in Media Upload when file too large. to WordPress - 23 upvotes, $0
  53. XSS via unicode characters in upload filename to WordPress - 23 upvotes, $0
  54. File Upload XSS in image uploading of App in mopub to X (Formerly Twitter) - 22 upvotes, $560
  55. Malicious file upload (secure.lahitapiola.fi) to LocalTapiola - 22 upvotes, $0
  56. XXE in upload file feature to Informatica - 21 upvotes, $0
  57. Unrestricted File Upload on https://auth.ratelimited.me to RATELIMITED - 21 upvotes, $0
  58. SSRF & unrestricted file upload on https://my.stripo.email/ to Stripo Inc - 21 upvotes, $0
  59. Arbritrary file Upload on AirMax to Ubiquiti Inc. - 20 upvotes, $0
  60. XSS through image upload of contacts using svg file with png extension to Nextcloud - 20 upvotes, $0
  61. Suspended users can bypass UGC upload ban to Valve - 19 upvotes, $500
  62. XSS through image upload of contacts using svg file to Nextcloud - 19 upvotes, $100
  63. Server side request forgery on image upload for lists to Instacart - 19 upvotes, $50
  64. Unrestricted File Upload in Chat Window to Qulture.Rocks - 19 upvotes, $0
  65. Reporters can upload design to issues using the "Move to" feature to GitLab - 18 upvotes, $600
  66. Unrestricted Upload of File with Dangerous Type to Enjin - 17 upvotes, $0
  67. (Pornhub & Youporn & Brazzers ANDROID APP) : Upload Malicious APK / Overrite Existing APK / Android BackOffice Access to Pornhub - 16 upvotes, $1500
  68. Unrestricted file upload on the image of contacts to Nextcloud - 16 upvotes, $100
  69. Buddypress 2.9.1 - Exceeding the maximum upload size - XSS leading to potential RCE. to WordPress - 14 upvotes, $0
  70. [█████] Bug Reports allow for Unrestricted File Upload to U.S. Dept Of Defense - 14 upvotes, $0
  71. SVG parser loads external resources on image upload to Shopify - 13 upvotes, $0
  72. Unrestricted File Upload To Xss Stored [ https://ideas.browser.mail.ru/ ] to Mail.ru - 13 upvotes, $0
  73. Unrestricted File Upload in Chat Window to OWOX, Inc. - 13 upvotes, $0
  74. store xss in calendar via upload filename to Open-Xchange - 12 upvotes, $250
  75. (Critical) Remote Code Execution Through Old TinyMCE upload bypass to 8x8 - 12 upvotes, $0
  76. Unrestricted File Upload Leads to XSS & Potential RCE to U.S. Dept Of Defense - 12 upvotes, $0
  77. Vulnerability in GoldSource Engine allows to upload and run an arbitrary DLL on client to Valve - 11 upvotes, $1000
  78. DOS: out of memory from gif through upload api to Mattermost - 11 upvotes, $150
  79. Unrestricted file upload (RCE) to Node.js third-party modules - 11 upvotes, $0
  80. Post Based XSS On Upload Via CK Editor [semrush.com] to Semrush - 11 upvotes, $0
  81. Unrestricted File Upload on https://app.lemlist.com to lemlist - 11 upvotes, $0
  82. UniFi Video Server - Arbitrary file upload as SYSTEM to Ubiquiti Inc. - 10 upvotes, $0
  83. Open redirect open.rocket.chat/file-upload/ID/filename.svg to Rocket.Chat - 10 upvotes, $0
  84. SVG file upload leads to XML injection to Topcoder - 10 upvotes, $0
  85. [chaturbate.com] - CSRF Vulnerability on image upload to Chaturbate - 9 upvotes, $300
  86. A malicious user can upload a malicious script through managesieve and trigger its execution in order to consume almost 100% of CPU (LMTP). to Open-Xchange - 9 upvotes, $300
  87. File upload vulnerability on a DoD website to U.S. Dept Of Defense - 9 upvotes, $0
  88. Unrestricted File Upload Leading to Remote Code Execution to Central Security Project - 9 upvotes, $0
  89. Unrestricted File Upload to ███████SubmitRequest/Index.cfm?fwa=wizardform to U.S. Dept Of Defense - 9 upvotes, $0
  90. Possible to Upload Local Arbitrary Private File to the Cloud against User's Will to Mail.ru - 8 upvotes, $150
  91. From Unrestricted File Upload to Remote Command Execution to Yahoo! - 7 upvotes, $0
  92. Stored XSS thru SVG upload to Moneybird - 7 upvotes, $0
  93. Unrestricted File Upload to U.S. Dept Of Defense - 7 upvotes, $0
  94. Blind SSRF via image upload URL downloader on https://██████/ to U.S. Dept Of Defense - 7 upvotes, $0
  95. Upload and delete files in debug page without access control. to U.S. Dept Of Defense - 7 upvotes, $0
  96. Remote file Inclusion - RFI in upload to Slack - 6 upvotes, $0
  97. apps.owncloud.com: Malicious file upload leads to remote code execution to ownCloud - 6 upvotes, $0
  98. Unrestricted file upload - cloudacademy.informatica.com to Informatica - 6 upvotes, $0
  99. Arbitrary file upload when setting an avatar to ExpressionEngine - 6 upvotes, $0
  100. Remote code execution due to unvalidated file upload to MTN Group - 6 upvotes, $0
  101. CodeQL query to detect weak (duplicated) encryption keys for ASP.NET Telerik Upload to GitHub Security Lab - 5 upvotes, $500
  102. File upload over private IM channel to Slack - 5 upvotes, $0
  103. HTML injection and limited XSS via logo image upload - Nextcloud 12.0.0 to Nextcloud - 5 upvotes, $0
  104. Upload directory of Mtn.ci to MTN Group - 5 upvotes, $0
  105. Unrestricted File Upload on https://my.stripo.email and https://stripo.email to Stripo Inc - 5 upvotes, $0
  106. File Upload Restriction Bypass to U.S. Dept Of Defense - 5 upvotes, $0
  107. [z.tochka.com] Unlimited file uploads lead to malware executed to QIWI - 5 upvotes, $0
  108. Arbitrary file upload and stored XSS via ███ support request to U.S. Dept Of Defense - 5 upvotes, $0
  109. Unrestricted file upload vulnerability in IMCE to Acronis - 5 upvotes, $0
  110. Image Upload Path Disclosure to Instacart - 4 upvotes, $100
  111. Arbitrary file uploads to Amazon WS. to HackerOne - 4 upvotes, $0
  112. Missing "size check" on files to upload could make memory leaks. to Uzbey - 4 upvotes, $0
  113. Avatar image upload and bypass real image verification to Nextcloud - 4 upvotes, $0
  114. potential RCE and XSS via file upload requiring user account and default settings to Nextcloud - 4 upvotes, $0
  115. idor on upload profile functionality to U.S. Dept Of Defense - 4 upvotes, $0
  116. ActiveStorage direct upload fails to sign content-length header for S3 service to Ruby on Rails - 4 upvotes, $0
  117. Unrestricted file upload leads to stored xss on https://████████/ to U.S. Dept Of Defense - 4 upvotes, $0
  118. Full path disclosure vulnerability via Upload .htaccess file to Nextcloud - 4 upvotes, $0
  119. Flash Cross Domain Policy Bypass by Using File Upload and Redirection - only in Chrome to Internet Bug Bounty - 3 upvotes, $0
  120. Can upload files without authentication on AirFibre 3.2 to Ubiquiti Inc. - 3 upvotes, $0
  121. Upload directory of Mtn.co.sz has listing enabled to MTN Group - 3 upvotes, $0
  122. Able to upload backgrounds before entering 2FA to CS Money - 3 upvotes, $0
  123. NoSQL-Injection discloses S3 File Upload URLs to Rocket.Chat - 3 upvotes, $0
  124. e.mail.ru: File upload "Chapito" circus to Mail.ru - 2 upvotes, $1000
  125. Malicious File Upload to Moneybird - 2 upvotes, $0
  126. Arbitrary File Upload in Logo & Log in image Theming setting. to Nextcloud - 2 upvotes, $0
  127. S3 bucket Upload on studio.redditinc.com (s3-r-w.ap-east-1.amazonaws.com) to Reddit - 2 upvotes, $0
  128. Reflected XSS via File Upload to Reddit - 2 upvotes, $0
  129. File upload XSS (Java applet) on http://slackatwork.com/ to Slack - 1 upvotes, $200
  130. cloud.mail.ru: File upload XSS using Content-Type header to Mail.ru - 1 upvotes, $150
  131. ftp upload of video allows naming that is not sanitized as the manual naming to Vimeo - 1 upvotes, $0
  132. Remote File Upload Vulnerability in business-blog.zomato.com to Zomato - 1 upvotes, $0
  133. Uploading Plain Text to uber-documents.s3.amazonaws.com Through the Driver Document Upload Page to Uber - 1 upvotes, $0
  134. UNRESTRICTED FILE UPLOAD AT chat.makerdao.com to BlockDev Sp. Z o.o - 1 upvotes, $0
  135. Parallel upload hangs curl if upload file not found to curl - 1 upvotes, $0
  136. Null Pointer Dereference in PHP Session Upload Progress to Internet Bug Bounty - 1 upvotes, $0
  137. unknow files Upload in profile photo to Dropbox Acquisitions - 0 upvotes, $0