Skip to content

Latest commit

 

History

History
109 lines (108 loc) · 15.2 KB

TOPLOCALTAPIOLA.md

File metadata and controls

109 lines (108 loc) · 15.2 KB

Top reports from LocalTapiola program at HackerOne:

  1. Oracle Webcenter Sites administrative and hi-privilege access available directly from the internet (/cs/Satellite) to LocalTapiola - 264 upvotes, $18000
  2. RCE using bash command injection on /system/images (toimitilat.lahitapiola.fi) to LocalTapiola - 209 upvotes, $0
  3. CORS misconfiguration allows to steal client's "password", Authorization token and the customer details e.g. names, SSN, bank account etc. to LocalTapiola - 86 upvotes, $0
  4. CORS misconfiguration allows to steal customers data to LocalTapiola - 84 upvotes, $0
  5. Blind Stored XSS Against Lahitapiola Employees - Session and Information leakage to LocalTapiola - 70 upvotes, $5000
  6. Blind Stored XSS Against Lahitapiola Employees - Session and Information leakage to LocalTapiola - 70 upvotes, $0
  7. User able to access company details in yrityspalvelu without proper permissions to LocalTapiola - 63 upvotes, $2000
  8. SQL Injection /webApp/oma_conf ctx parameter (viestinta.lahitapiola.fi) to LocalTapiola - 50 upvotes, $1350
  9. SQL Injection on /webApp/omatalousuk (viestinta.lahitapiola.fi) to LocalTapiola - 41 upvotes, $0
  10. PHPMYADMIN Setup is accessible without authentication on https://lml.lahitapiola.fi/ to LocalTapiola - 38 upvotes, $0
  11. Cookie exfiltration through XSS on the main search request of www.lahitapiola.fi to LocalTapiola - 36 upvotes, $500
  12. SQL Injection in sijoitustalous_peruutus (viestinta.lahitapiola.fi) to LocalTapiola - 36 upvotes, $0
  13. Wordpress Users Disclosure (/wp-json/wp/v2/users/) to LocalTapiola - 32 upvotes, $50
  14. Open Redirect (verkkopalvelu.lahitapiola.fi) to LocalTapiola - 28 upvotes, $400
  15. Persistent XSS at verkkopalvelu.tapiola.fi using spoofed React element and React v.0.13.3 to LocalTapiola - 27 upvotes, $0
  16. SQL Injection on /cs/Satellite path to LocalTapiola - 27 upvotes, $0
  17. xmlrpc.php FILE IS enable it will used for bruteforce attack and denial of service to LocalTapiola - 26 upvotes, $315
  18. SQL Injection /webApp/cancel_iltakoulu regId parameter (viestinta.lahitapiola.fi) to LocalTapiola - 26 upvotes, $0
  19. Reflected XSS+CSRF on secure.lahitapiola.fi to LocalTapiola - 23 upvotes, $0
  20. Malicious file upload (secure.lahitapiola.fi) to LocalTapiola - 22 upvotes, $0
  21. Secure Client-Initiated Renegotiation to LocalTapiola - 21 upvotes, $0
  22. SQL Injection in lapsuudenturva (viestinta.lahitapiola.fi) to LocalTapiola - 19 upvotes, $0
  23. User Information Disclosure via the REST API - /?_method=GET to LocalTapiola - 19 upvotes, $0
  24. SQL Injection on /webApp/sijoitustalousuk email-parameter + potential lack of CSRF Token (viestinta.lahitapiola.fi) to LocalTapiola - 18 upvotes, $1350
  25. F5 BIG-IP Cookie Remote Information Disclosure to LocalTapiola - 18 upvotes, $0
  26. Error Page Content Spoofing or Text Injection (viestinta.lahitapiola.fi) to LocalTapiola - 17 upvotes, $0
  27. CSRF allows attacker to delete item from customer's "Postilaatikko" to LocalTapiola - 16 upvotes, $0
  28. Single user DOS on selectedLanguage -cookie (yrityspalvelu.lahitapiola.fi) to LocalTapiola - 15 upvotes, $400
  29. SQL Injection /webApp/sijoitustalous_peruutus locId parameter (viestinta.lahitapiola.fi) to LocalTapiola - 15 upvotes, $350
  30. HTML Injection in email /webApp/lahti (viestinta.lahitapiola.fi) to LocalTapiola - 15 upvotes, $264
  31. Cookie-based client-side denial-of-service to all of the Lähitapiola domains to LocalTapiola - 15 upvotes, $0
  32. Email Server Compromised at secure.lahitapiola.fi to LocalTapiola - 15 upvotes, $0
  33. Sitemap causing strain on your Lahitapiola.fi server to LocalTapiola - 13 upvotes, $0
  34. WordPress username enumeration (/author) to LocalTapiola - 13 upvotes, $0
  35. CSRF possible when SOP Bypass/UXSS is available to LocalTapiola - 12 upvotes, $50
  36. Content Spoofing or Text Injection (404 error page injection on yrityspalvelu) to LocalTapiola - 12 upvotes, $0
  37. Reflected XSS and Open Redirect in several parameters (viestinta.lahitapiola.fi) to LocalTapiola - 12 upvotes, $0
  38. Reflected XSS (myynti.lahitapiolarahoitus.fi) to LocalTapiola - 12 upvotes, $0
  39. CRLF injection in https://verkkopalvelu.lahitapiola.fi/ to LocalTapiola - 11 upvotes, $400
  40. Remote Code Execution in NovaStor NovaBACKUP DataCenter backup software (Hiback) to LocalTapiola - 11 upvotes, $100
  41. High server resource usage on captcha (viestinta.lahitapiola.fi) to LocalTapiola - 11 upvotes, $0
  42. Reflected XSS of bbe-child-starter Theme via "value"-GET-parameter to LocalTapiola - 11 upvotes, $0
  43. Open Redirect bypass and cookie leakage on www.lahitapiola.com to LocalTapiola - 10 upvotes, $400
  44. The parameter in the POST query allows to control size of returned page which in turn can lead to the potential DOS attack to LocalTapiola - 10 upvotes, $315
  45. Mixed Active Scripting Issue on https://www.lahitapiola.fi to LocalTapiola - 10 upvotes, $0
  46. Reflected XSS on bbe_open_htmleditor_popup.php of BBE Theme via "value"-GET-parameter to LocalTapiola - 10 upvotes, $0
  47. F5 BigIP Backend Cookie Disclosure to LocalTapiola - 10 upvotes, $0
  48. Non-secure requests to www.lahitapiola.fi are not automatically upgraded to HTTPS to LocalTapiola - 10 upvotes, $0
  49. Multiple Vulnerabilities in Oracle Webcenter Sites (/cs/Satellite) to LocalTapiola - 9 upvotes, $600
  50. Single User DOS on SelectedLocale -cookie (verkkopalvelu.tapiola.fi) to LocalTapiola - 9 upvotes, $400
  51. Creating arbitrary cookies values /cs/CookieServer (www.lahitapiola.fi) to LocalTapiola - 9 upvotes, $150
  52. SMTP configuration vulnerability viestinta.lahitapiola.fi to LocalTapiola - 9 upvotes, $100
  53. Single user DOS on selectedLanuage -cookie at (verkkopalvelu.tapiola.fi) to LocalTapiola - 9 upvotes, $100
  54. Poodle attack SSLv3 Support (viestinta.lahitapiola.fi) to LocalTapiola - 9 upvotes, $0
  55. Reflected XSS on sankarikoulutus (viestinta.lahitapiola.fi) to LocalTapiola - 9 upvotes, $0
  56. Test Page available with Server details on /r/test (viestinta.lahitapiola.fi) to LocalTapiola - 9 upvotes, $0
  57. Exposed authentication (/cs/Satellite) to LocalTapiola - 9 upvotes, $0
  58. High server resource usage on captcha (viestinta.lahitapiola.fi) to LocalTapiola - 8 upvotes, $315
  59. Multiple Reflected XSS /webApp/lahti (viestinta.lahitapiola.fi) to LocalTapiola - 8 upvotes, $150
  60. Open redirection protection bypass (/cs/Satellite) to LocalTapiola - 8 upvotes, $0
  61. Sql injection on /webApp/sijoituswebinaari (viestinta.lahitapiola.fi) to LocalTapiola - 8 upvotes, $0
  62. SQL Injection on /webApp/viivanalle (viestinta.lahitapiola.fi) to LocalTapiola - 8 upvotes, $0
  63. SQL Injection on /webApp/lapsuudenturva (viestinta.lahitapiola.fi) to LocalTapiola - 8 upvotes, $0
  64. Cleartext protocol after bank authentication (yrityspalvelu.tapiola.fi) to LocalTapiola - 8 upvotes, $0
  65. Authorization issue on 'valtakirjat' (/e2/verkkopalvelu/) to LocalTapiola - 8 upvotes, $0
  66. DoS of www.lahitapiolarahoitus.fi via CVE-2018-6389 exploitation to LocalTapiola - 8 upvotes, $0
  67. Disclosure of Users Information via Wordpress API (?rest_route) to LocalTapiola - 7 upvotes, $50
  68. XSS and open redirect in verkkopalvelu.lahitapiola.fi to LocalTapiola - 7 upvotes, $0
  69. /icons/README available on viestinta.lahitapiola.fi to LocalTapiola - 7 upvotes, $0
  70. CSRF bypass + XSS on verkkopalvelu.tapiola.fi to LocalTapiola - 7 upvotes, $0
  71. Flash-based XSS on mediaelement-flash-audio-ogg.swf of www.lahitapiolarahoitus.fi to LocalTapiola - 7 upvotes, $0
  72. Blacklist bypass for /cs/Satellite (www.lahitapiola.fi) to LocalTapiola - 6 upvotes, $600
  73. HTML Injection in email from http://www.lahitapiola.fi/henkilo/sivut/tonttutesti to LocalTapiola - 6 upvotes, $264
  74. Securemail server used to internal spam and resource exhaustion to LocalTapiola - 6 upvotes, $264
  75. Reflected XSS Vulnerability in https://www.lahitapiola.fi/cs/Satellite to LocalTapiola - 6 upvotes, $250
  76. Brute force unsubscription on /webApp/unsub_sb (viestinta.lahitapiola.fi) to LocalTapiola - 6 upvotes, $200
  77. Reflected XSS in LTContactFormReceiver (/cs/Satellite) to LocalTapiola - 6 upvotes, $50
  78. Internal IP Address Disclosure at https://www.lahitapiolarahoitus.fi/wp-json/wp/v2/pages to LocalTapiola - 6 upvotes, $50
  79. Disclosure of IBM Websphere page to LocalTapiola - 6 upvotes, $0
  80. Possible sweet32 lahitapiola.fi to LocalTapiola - 6 upvotes, $0
  81. Information exposure via error pages (www.lahitapiola.fi Tomcat) to LocalTapiola - 6 upvotes, $0
  82. Lahitapiola´s customer names send to 3rd party to LocalTapiola - 5 upvotes, $588
  83. /icons/README is still available on viestinta.lahitapiola.fi to LocalTapiola - 5 upvotes, $50
  84. The PdfServlet-functionality used by the "Tee vakuutustodistus" allows injection of custom PDF-content via CSRF-attack to LocalTapiola - 5 upvotes, $0
  85. Option method enabled (viestinta.lahitapiola.fi) to LocalTapiola - 5 upvotes, $0
  86. Abusing and Hacking the SMTP Server secure.lahitapiola.fi to LocalTapiola - 4 upvotes, $300
  87. Reflected XSS Vulnerability in www.lahitapiola.fi/cs/Satellite to LocalTapiola - 4 upvotes, $250
  88. Exploiting Secure Shell (SSH) on mobilelt.lahitapiola.fi to LocalTapiola - 4 upvotes, $100
  89. HTTP status code manipluation & java stack trace to LocalTapiola - 4 upvotes, $100
  90. XSS on 3rd party service Localtapiola is using to LocalTapiola - 4 upvotes, $100
  91. Verbose error message reveals internal system hostnames, protols and used ports (yrityspalvelu.tapiola.fi) to LocalTapiola - 4 upvotes, $0
  92. Posting modified information in 'Investment section' will cause unintended information change in verkkopalvelu.tapiola.fi to LocalTapiola - 3 upvotes, $1000
  93. Reflected XSS and Open Redirect (verkkopalvelu.lahitapiola.fi) to LocalTapiola - 3 upvotes, $400
  94. Suspicious browser fingerprinting(?) scripts on http://www.lahitapiola.fi/ redirector to LocalTapiola - 3 upvotes, $100
  95. Amazon Bucket Accessible (http://inpref.s3.amazonaws.com/) to LocalTapiola - 3 upvotes, $0
  96. Enumeration in unsubscribe -function of /omatalousuk (viestinta.lahitapiola.fi) to LocalTapiola - 3 upvotes, $0
  97. Reflected XSS on iltakoulu_varkaus (viestinta.lahitapiola.fi) to LocalTapiola - 3 upvotes, $0
  98. Possibly big authorization problem in Lähitapiola´s varainhoito to LocalTapiola - 2 upvotes, $400
  99. User Information Disclosure via Json response to LocalTapiola - 2 upvotes, $50
  100. Source Code Disclosure on out of scope domain viestinta.lahitapiola.fi to LocalTapiola - 2 upvotes, $0
  101. Reflected XSS in www.lahitapiola.fi (/cs/Satellite) using Oracle WebCenter -page to LocalTapiola - 2 upvotes, $0
  102. OpenSSL Padding Oracle Attack (CVE-2016-2107) on viestinta.lahitapiola.fi to LocalTapiola - 2 upvotes, $0
  103. show control page if you insert ' at http://viestinta.lahitapiola.fi/ to LocalTapiola - 2 upvotes, $0
  104. Open redirect - user interaction needed (verkkopalvelu.lahitapiola.fi/e2/..) - based on #179328 to LocalTapiola - 2 upvotes, $0
  105. www.lahitapiola.fi DOM XSS by choosing regional company to LocalTapiola - 1 upvotes, $100
  106. DOM XSS bypassing in Regional Office -selector to LocalTapiola - 1 upvotes, $0
  107. Oracle WebCenter Sites Support Tools available and Information disclosure (/cs/Satellite) to LocalTapiola - 1 upvotes, $0