Domains

www.antihack.me

Minimum
Bounty

SGD$ 0

Reports
solved

76

Hackers
Thanked

47

Bounty Statistics

SGD$ - - -

Total bounties paid


SGD$ - - -

Average bounty range


SGD$ - - -

Top bounty range

Hacktivity
  • 2 week ago

    [an anti-CSRF token no present]has closed this report with the status of Spam
  • 3 week ago

    [testing]has closed this report with the status of Spam
  • 2 month ago

    [COULDN'T UPLOAD IMAGE PROFILE ANYMORE AFTER UPLOAD XSS INJECTION PAYLOAD (Broken Avatar Template)]has closed this report with the status of Not applicable
  • 2 month ago

    [Bypass 2FA requirement to update critical infos]has closed this report with the status of Not applicable
  • 2 month ago

    [Misconfiguration leading to reuse of disabled 2FA keys]has closed this report with the status of Not applicable
  • 3 month ago

    [Reflected XSS on Sumbit Report]has closed this report with the status of Informative
  • 3 month ago

    [COULD'T UPLOAD IMAGE PROFILE ANYMORE AFTER UPLOAD XSS INJECTION PAYLOAD (Broken Avatar Template)]has closed this report with the status of Not applicable
  • 3 month ago

    [DM Bombing on Any Endpoints]has closed this report with the status of Not applicable
  • 3 month ago

    [Confirmation needed for 2fa disable [//xss test for antihack hactivity "><img src=a prompt(1)>gg]]has closed this report with the status of Resolved
  • 3 month ago

    [Self xss]has closed this report with the status of Not applicable
  • 3 month ago

    [information disclosure via error message on staging.antihack.me]has closed this report with the status of Not applicable
  • 3 month ago

    []has closed this report with the status of Not applicable
  • 3 month ago

    [Left-over Log file Revealing File Full Path]has closed this report with the status of Resolved
  • 3 month ago

    [[www.antihack.me] Malicous file upload]has closed this report with the status of Resolved
  • 3 month ago

    [XSS on docimage2 parameter in Post Comment Function]has closed this report with the status of Resolved
  • 3 month ago

    [XSS on filename of Upload Function]has closed this report with the status of Resolved
  • 3 month ago

    [Upload Function lead to Full Path Disclosure]has closed this report with the status of Resolved
  • 3 month ago

    [Stored Cross-site Scripting (XSS) Injected In Profile Image Name]has closed this report with the status of Resolved
  • 3 month ago

    [Exceptional Errors Disclose Full Path of Multiple Files on the Server]has closed this report with the status of Resolved
  • 3 month ago

    [Exception Debug Information Exposed to Public \Full Path Disclosure\]has closed this report with the status of Resolved
  • 4 month ago

    [Exception Debug Information Exposed to Public \Full Path Disclosure\]has closed this report with the status of Resolved
  • 4 month ago

    [My XSS POC]has closed this report with the status of Spam
  • 4 month ago

    [xss test]has closed this report with the status of Spam
  • 3 month ago

    [test]has closed this report with the status of Spam
  • 4 month ago

    [XSS POC]has closed this report with the status of Spam
  • 3 month ago

    [XSS POC]has closed this report with the status of Spam
  • 4 month ago

    [testing]has closed this report with the status of Spam
  • 4 month ago

    [xss test]has closed this report with the status of Spam
  • 4 month ago

    [Again bypassed XSS waf]has closed this report with the status of Spam
  • 4 month ago

    [Stored XSS on antihack.me [WAF bypass]]has closed this report with the status of Spam
  • 4 month ago

    [xss test]has closed this report with the status of Resolved
  • 4 month ago

    [Stored XSS on antihack.me]has closed this report with the status of Not applicable
  • 4 month ago

    [Session not invalidated after password change]has closed this report with the status of Informative
  • 4 month ago

    [Session not expired on logout]has closed this report with the status of Informative
  • 4 month ago

    [Your program ( WeCharge ) Is out of sumbit a report,]has closed this report with the status of Not applicable
  • 4 month ago

    [Arbitary Remove Anyfile on antihack.me]has closed this report with the status of Resolved
  • 4 month ago

    [Full Path Disclosure in /php/ajax_upload_file.php]has closed this report with the status of Resolved
  • 4 month ago

    [Testing Stored XSS in Report]has closed this report with the status of Informative
  • 4 month ago

    [Local File Disclosure via /filedownload.php]has closed this report with the status of Resolved
  • 3 month ago

    [Password Token Leakage in Referer]has closed this report with the status of Resolved
  • 4 month ago

    [Possibility to delete a files on antihack.me server]has closed this report with the status of Resolved
  • 4 month ago

    [CSRF in 2fa disable, auth bypass]has closed this report with the status of Spam
  • 3 month ago

    [CSRF in 2fa disable, auth bypass]has closed this report with the status of Resolved
  • 4 month ago

    [CSRF Vulnerability on report and comment file upload]has closed this report with the status of Resolved
  • 4 month ago

    [CSRF Vulnerability on profile image upload]has closed this report with the status of Informative
  • 4 month ago

    [Admin login accessible over the internet]has closed this report with the status of Informative
  • 5 month ago

    [Cross-site scripting and HTML injection in markdown parser]has closed this report with the status of Not applicable
  • 4 month ago

    [[Re-submit] Dom-Based XSS in https://www.antihack.me]has closed this report with the status of Resolved
  • 5 month ago

    [User information and Critical File disclosure]has closed this report with the status of Resolved
  • 5 month ago

    [Strong password policy bypass]has closed this report with the status of Informative
  • 4 month ago

    [Open Redirection Through Referrer Header]has closed this report with the status of Resolved
  • 5 month ago

    [Critical File Path Disclosure]has closed this report with the status of Resolved
  • 5 month ago

    [Reflected XSS on preview]has closed this report with the status of Not applicable
  • 4 month ago

    [Full Path Disclosure Vulnerabiltiy]has closed this report with the status of Resolved
  • 4 month ago

    [rate limit in reset password page]has closed this report with the status of Resolved
  • 5 month ago

    [Full Path Disclosure]has closed this report with the status of Resolved
  • 5 month ago

    [laravel.log file disclosure leads to users & admins emails/Hashed_password/login info/server info/server root path and many other info disclosure]has closed this report with the status of Resolved
  • 5 month ago

    [Changing Profile Picture and user information using ClickJacking]has been closed with the status of Resolved
  • 5 month ago

    [Stealing Reseacher's payment using ClickJacking Vulnerability]has been closed with the status of Resolved
  • 4 month ago

    [Reuse-ability of AntiHack DM _token parameter leading to unlimited messaging to Antihack DM]has closed this report with the status of Not applicable
  • 4 month ago

    [Insecure Direct Object Reference (IDOR)]has closed this report with the status of Resolved
  • 5 month ago

    [Reflected XSS]has been closed with the status of Not applicable
  • 5 month ago

    [Session Fixation]has been closed with the status of Not applicable
  • 5 month ago

    [Host Header Injection on https://www.antihack.me]has been closed with the status of Resolved
  • 5 month ago

    [Insufficient Session Expiration in antihack.me]has been closed with the status of Informative
  • 5 month ago

    [Improper session validation]has been closed with the status of Informative
  • 5 month ago

    [Rce via my initial report number 696]has closed this report with the status of Resolved
  • 4 month ago

    [Blind xss at admin panel]has closed this report with the status of Resolved
  • 5 month ago

    [JUST TEST , PLEASE DELETE IT]has been closed with the status of Spam
  • 4 month ago

    [IDOR can lead hacker Submit Submission to Private Program and locked program]has closed this report with the status of Resolved
  • 4 month ago

    [CSRF on www.antihack.me]has closed this report with the status of Resolved
  • 5 month ago

    [Password Reset Token Not expiring even after more than 24 hours]has closed this report with the status of Resolved
  • 4 month ago

    [CSRF to disable 2FA in antihack.me]has closed this report with the status of Resolved
  • 5 month ago

    [malicious file]has closed this report with the status of Informative
  • 5 month ago

    [Stored XSS In Antihack Blog]has been closed with the status of Resolved
  • 5 month ago

    [Host Header Attack]has been closed with the status of Informative
  • 5 month ago

    [Privilege Escalation Vulnerability To Break Password Policy]has closed this report with the status of Informative
  • 4 month ago

    [Unrestricted File Upload]has closed this report with the status of Resolved
  • 4 month ago

    [Information Disclosure on https://www.antihack.me/unsubscribe]has closed this report with the status of Resolved
  • 6 month ago

    [XSS while posting a comment during submission]has been closed with the status of Resolved
  • 6 month ago

    [Information Disclosure leads to Possible SQLi]has been closed with the status of Not applicable
  • 6 month ago

    [xss via image upload]has been closed with the status of Not applicable
  • 6 month ago

    [closed Reports not showing in.inbox]has been closed with the status of Not applicable
  • 6 month ago

    [Ability to Bypass Business Logic To Update Data in Forms]has been closed with the status of Resolved
  • 6 month ago

    [UI Redressing aka Clickjacking]has been closed with the status of Resolved
  • 6 month ago

    [Directory Information Disclosure leads to CV disclosures part 2]has been closed with the status of Resolved
  • 6 month ago

    [Directory Information Disclosure leads to CV disclosures]has been closed with the status of Resolved
  • 6 month ago

    [CRITICAL. Direct file Access. Can access PoC images and videos by anyone on any report.]has been closed with the status of Resolved
  • 6 month ago

    [{CRITICAL} anyone can access any report ]has been closed with the status of Resolved
  • 6 month ago

    [Stored XSS in name filed.]has been closed with the status of Resolved
  • 6 month ago

    [[URGENT] Unrestricted File Upload (RCE) on submit_report endpoint]has been closed with the status of Resolved
  • 6 month ago

    [Account takeover by chaining vulnerabilities]has been closed with the status of Resolved
  • 6 month ago

    [Server Side Request Forgery (SSRF) on https://www.antihack.me/php/img_crop_to_file_hacker.php]has been closed with the status of Not applicable
  • 6 month ago

    [Changing of username via burp intercept]has been closed with the status of Resolved
  • 6 month ago

    [Stored XSS in reports form. Can leak antihack employee dashboard url, cookies etc.]has been closed with the status of Resolved
  • 6 month ago

    [XSS]has been closed with the status of Resolved
  • 6 month ago

    [Stored XSS in profile section (field = about me)]has been closed with the status of Resolved
  • 6 month ago

    [[IDOR] Changing anybody profile picture on antihack.me]has been closed with the status of Resolved
  • 6 month ago

    [Stored xss in username field that executes in submitted bugs too ]has been closed with the status of Resolved
  • 6 month ago

    [Unrestricted File Upload Leading to Remote Code Execution]has been closed with the status of Resolved
  • 6 month ago

    [Overwriting of Other Users Profile Image]has been closed with the status of Resolved
  • 6 month ago

    [Verbose error messages]has been closed with the status of Resolved
  • 6 month ago

    [Verbose error messages]has been closed with the status of Not applicable
  • 6 month ago

    [Able to edit others profile image ]has been closed with the status of Resolved
  • 6 month ago

    [Php file upload to remote code execution ]has been closed with the status of Resolved
  • 6 month ago

    [xss via svg file ]has been closed with the status of Resolved
  • 6 month ago

    [clickjacking is possible due to lack of iframe option ]has been closed with the status of Resolved
  • 6 month ago

    [Cross-site Scripting]has been closed with the status of Resolved
  • 6 month ago

    [Tab nabbing]has been closed with the status of Resolved
  • 6 month ago

    [Accessing report details of other users]has been closed with the status of Resolved
  • 6 month ago

    [http doesn't redirect to https]has been closed with the status of Not applicable
  • 6 month ago

    [Full account takeover]has been closed with the status of Resolved
  • 6 month ago

    [Version & Technology Disclosure]has been closed with the status of Informative
  • 6 month ago

    [Username Takeover of any User]has been closed with the status of Resolved
  • 6 month ago

    [Username Takeover of any User]has been closed with the status of Resolved
  • 6 month ago

    [Username Takeover of any User]has been closed with the status of Not applicable
  • 6 month ago

    [SQL Query Disclosure via Error Message]has been closed with the status of Not applicable
  • 6 month ago

    [Server Version Disclosure]has been closed with the status of Not applicable
  • 6 month ago

    [Internal Path Disclosure]has been closed with the status of Resolved
  • 6 month ago

    [Stored XSS at Profile Page]has been closed with the status of Resolved
  • 6 month ago

    []has been closed with the status of Informative
  • 6 month ago

    [session not expiring]has been closed with the status of Informative
  • 6 month ago

    [Remote code execution via report file upload [critical]]has been closed with the status of Resolved
  • 6 month ago

    [Changing of username without contacting antihack.me team]has been closed with the status of Not applicable
  • 6 month ago

    [XSS in profile]has been closed with the status of Informative
  • 6 month ago

    [Changing handle without verification]has been closed with the status of Informative
  • 6 month ago

    [Blind XSS @ antihack.me/admin/contactus-listing]has been closed with the status of Not applicable
  • 6 month ago

    [Xss via image name]has been closed with the status of Informative
  • 6 month ago

    [Cross-site Scripting]has been closed with the status of Not applicable
  • 6 month ago

    [Broken authentication : Improper cache handling ]has been closed with the status of Informative
  • 6 month ago

    [Sensitive information saved on browser cache in https://www.antihack.me/_company/Antihack.Me/submit_report]has been closed with the status of Not applicable
  • 6 month ago

    [Reports attachments are acessible by anyone using direct link]has been closed with the status of Resolved
  • 6 month ago

    [Information Disclosure via Error Message]has been closed with the status of Not applicable
  • 6 month ago

    [Full path Disclosure Due to Improper Error Handling]has been closed with the status of Not applicable
  • 6 month ago

    [Stored XSS on report inbox]has been closed with the status of Resolved
  • 6 month ago

    [XSS on hackers profile]has been closed with the status of Not applicable
  • 6 month ago

    [Reflected XSS in Report's ID.]has been closed with the status of Resolved
  • 6 month ago

    [Server crashing showing user details and hashed passwords]has been closed with the status of Resolved
  • 6 month ago

    [Allowed upload of scripts via hacker registration page]has been closed with the status of Resolved