CRLF Injection in 301 Redirect allow to Set-Cookies for mail.ru
https://hackerone.com/reports/811366
null
wize
null
CRLF injection in info.hacker.one
https://hackerone.com/reports/217058
null
thalaivarsubu
null
CRLF Injection [vpn.corp.cuvva.com]
https://hackerone.com/reports/231508
null
cyriac
null
CRLF Injection - http://stage.mackeeper.com/
https://hackerone.com/reports/730786
3.5
kphaks
$50
[downloads.mariadb.org] CRLF injection in case of encoded query mark
https://hackerone.com/reports/490997
null
s_p_q_r
null
CRLF injection agentcrm.8x8.com
https://hackerone.com/reports/413115
null
w2w
null
CRLF injection on https://buildbot.mariadb.org
https://hackerone.com/reports/481512
null
mik317
null
CRLF injection on www.starbucks.com
https://hackerone.com/reports/858650
5
x3n0nn3p
$250
CRLF injection at https://mariadb.org/.
https://hackerone.com/reports/476257
5.3
sergeybelove
null
Creating malformed URLs via new line character in-between two URLs leads to misrepresented hyperlinks in Tweets/DMs
https://hackerone.com/reports/712979
null
zlz
$560
SMTP Header Injection at http://abonement.ucs.ru
https://hackerone.com/reports/901956
null
killinem_sec
null
Монипулирование на страницах пользоватлей значением "Подсказывать стикеры в полях ввода"
https://hackerone.com/reports/300622
null
pisarenko
$100
Нет маркера на добавление песни в плейлист пользователя
https://hackerone.com/reports/242408
null
pisarenko
$100
Non-admin users can trigger writes to memcached by entering a malicious server as a share URL
https://hackerone.com/reports/592864
4.3
jmdx
$100
Add arbitrary value in reset password cookie
https://hackerone.com/reports/266030
null
cuso4
null
CRLF Injection on openvpn.svc.ubnt.com
https://hackerone.com/reports/232327
null
0x0luke
null
mod_userdir CRLF injection (CVE-2016-4975)
https://hackerone.com/reports/409512
null
bobrov
$500
CRLF Injection - http://stage-static-cdn.mackeeper.com/
https://hackerone.com/reports/730788
null
kphaks
$50
CRLF Injection
https://hackerone.com/reports/13314
null
bigbear
null
CRLF Injection in legacy url API (url.parse().hostname)
https://hackerone.com/reports/771596
null
vavkamil
null
[synthetics.newrelic.com] SMTP header injection leads to (mass) arbitrary email sending
https://hackerone.com/reports/347439
null
ldionmarcil
$500
CRLF Injection at vpn.bitstrips.com
https://hackerone.com/reports/237357
null
wplus
$500
x-request-id header reflected in server response without sanitization
https://hackerone.com/reports/798686
null
zeop
$50
CRLF Injection on https://vpn.mixmax.com
https://hackerone.com/reports/234758
null
sir_morty
null
Cross-site scripting (XSS) vulnerability on a DoD website
https://hackerone.com/reports/225936
null
sp1d3rs
null
CRLF Injection in email address
https://hackerone.com/reports/796013
null
ashmek
null
Legal Robot
https://hackerone.com/reports/276427
0
miftahabdul2307
null
[screenshot.mail.ru] CRLF Injection
https://hackerone.com/reports/426238
null
bobrov
null
CRLF injection mcs.mail.ru (leads to XSS)
https://hackerone.com/reports/335599
null
w2w
null
CRLF Injection on ███████
https://hackerone.com/reports/245485
null
twicedi
null
CRLF Injection in urllib
https://hackerone.com/reports/590020
6.1
push0ebp
$1,000