Boozt Fashion AB Bug Bounty Program Statistics

Boozt Fashion AB Program Statistics

28 total issues disclosed

$1,830 total paid publicly

Most disclosed (6 disclosures) — Violation of Secure Design Principles

Disclosed Reports

Show entries

Search:

Report Title	Vulnerability Type	Disclosed By	Severity	Disclosed on
[www.boozt.com] - Authentication bypass	Improper Authentication - Generic	ramsexy	Medium	2018-05-25
ADB Backup is enabled within AndroidManifest	Information Disclosure	sfsecurityfirst	No rating	2017-07-27
Android app does not use SSL for login	Cryptographic Issues - Generic	nightwatch-cybersecurity	No rating	2017-07-27
Application code is not obfuscated -- OWASP M9 (2016)	Violation of Secure Design Principles	dineshdinz	High	2017-02-24
booztfashion.com URL should HTTPS	None supplied	nihad_rekany	No rating	2017-09-18
Broken Authentication and Session Management(Session Fixation)	Improper Authentication - Generic	koshti25	No rating	2017-07-27
Bruteforce Unlimited number of password attempts	Brute Force	chrisnagora	Critical	2017-10-04
Bypass email validity in newsletter field	Violation of Secure Design Principles	helloworld152	No rating	2017-02-24
Cookie Misconfiguration	Improper Authentication - Generic	abdulwahab	Medium	2017-07-27
Email link poisoning / Host header attack	None supplied	ramsexy	High	2017-08-01
Email spoofing at booztlet.com	Violation of Secure Design Principles	m7mdharoun	Critical	2017-07-27
Git available containing passwords.	Privilege Escalation	xpathmaster	Critical	2017-07-27
Host header poisoning leads to account password reset links hijacking	Information Disclosure	yassineaboukir	No rating	2016-09-17
Http header injection	Violation of Secure Design Principles	gorkhali	No rating	2016-09-19
Instance of Apache Vulnerable to Several Issues	Denial of Service	zephrfish	No rating	2016-09-14
Make victim buy in attacker's account without any idea - http://www.booztlet.com/	Improper Authentication - Generic	inhibitor181	No rating	2016-10-31
No Confirmation During Email Change	None supplied	craxermgr	Medium	2017-10-23
No csrf protection on logout	Violation of Secure Design Principles	smii3	No rating	2016-09-10
No Session change on Password change	Insufficient Session Expiration	craxermgr	Medium	2017-10-23
Password reset token issue	Improper Authentication - Generic	dilip_prakash	No rating	2017-09-04

Showing 1 to 20 of 28 entries

Previous1 2Next

BugBountyHunter

Boozt Fashion AB Program Statistics

Disclosed Reports