Getting started
Learn about vulnerability types 
Getting started in bug bounties 
Test your knowledge
Free Web Application Challenges
BugBountyHunter Membership
Guides for your hunts 
ZSeano's Methodology
Effective Note Taking for bug bounties
Useful Resources 
Disclosed HackerOne Reports 
Our community
Endorsed Members
Hackevents 
Member Articles Smule Program Statistics
4 total issues disclosed
$0 total paid publicly
Most disclosed (1 disclosures) — Improper Authentication - Generic
Disclosed Reports
| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
|---|---|---|---|---|
| [com.smule.autorap.*] Cloud Messaging/Push Notification service takeover due to clear-text usage of Legacy FCM Server keys in the client app | Use of Hard-coded Credentials | absshax | Critical | 2020-08-24 |
| No Rate Limiting On Phone Number Login Leads to Login Bypass | Improper Authentication - Generic | done11 | Medium | 2020-07-24 |
| Error Page Content Spoofing or Text Injection | Violation of Secure Design Principles | ajayshrimali | Low | 2020-06-03 |
| Open redirect bypass & SSRF Security Vulnerability | Server-Side Request Forgery (SSRF) | snwlol | None | 2020-01-17 |