Ratelimited


reports in last 90 days

12

disclosed resolved issues

3

disclosed informative issues

0

disclosed N/A issues

Listed on HackerOne — Updated on 2019/10/15

Bug Title Bug Type Found By Report Info Report Status

Medium Credientals Over GET method in plain Text

Unprotected Transport of Credentials d33van Time to triage: 1 Days and 7 hours


Time to close: 9 Days and 19 hours
Resolved

No rating Unrestricted File Upload on https://auth.ratelimited.me

None supplied daniel_v Time to triage: 3 Days and 14 hours


Time to close: 26 Days and 19 hours
Resolved

Critical HTTP PUT method is enabled ratelimited.me

None supplied codeslayer137 Issue was not triaged


Time to close: 0 Days and 4 hours
Resolved

High Missing Protection Mechanism in Mail Servers allows malicious user to use staff.ratelimited.me email could lead to identity theft.

Violation of Secure Design Principles sxw Time to triage: 0 Days and 0 hours


Time to close: 3 Days and 21 hours
Resolved

Critical HTTP PUT method enabled

Improper Access Control - Generic emitrani Time to triage: 0 Days and 0 hours


Time to close: 0 Days and 1 hours
Resolved

Critical HTTP PUT method enabled

Improper Access Control - Generic hach3ro Issue was not triaged


Time to close: 43 Days and 6 hours
Spam

Low information disclosure which leak the apache version

Information Disclosure hamzamn2098 Issue was not triaged


Time to close: 0 Days and 2 hours
Resolved

Medium Banner Grabbing - Apache Server Version Disclousure

Information Disclosure hamzamandil Issue was not triaged


Time to close: 0 Days and 2 hours
Resolved

No rating Information Disclosure on https://theendlessweb.com/

Information Disclosure dhamu_harker Issue was not triaged


Time to close: 0 Days and 12 hours
Resolved

Medium Apache Version Disclosure Through Directory Indexing

Information Exposure Through an Error Message whoami021 Issue was not triaged


Time to close: 0 Days and 10 hours
Informative

Low Editable Wiki repo by anyone

Violation of Secure Design Principles hamad_iheb Issue was not triaged


Time to close: 0 Days and 9 hours
Informative

High Hackerone1

HTTP Request Smuggling yasinylcn17 Issue was not triaged


Time to close: 33 Days and 2 hours
Spam

No rating Server Header disclose The Os and Web server Version

Violation of Secure Design Principles hamad_iheb Issue was not triaged


Time to close: 0 Days and 3 hours
Resolved

Medium Open Directory

Information Exposure Through Directory Listing shrey3 Issue was not triaged


Time to close: 0 Days and 1 hours
Informative

Low Exposure of tinyMCE js source code with plugin version disclosure which can leads to exploit further attacks.

Information Disclosure wolfdroid Time to triage: 0 Days and 17 hours


Time to close: 12 Days and 19 hours
Resolved

Critical Local File Download

Improper Access Control - Generic z0mb13 Time to triage: 0 Days and 0 hours


Time to close: 3 Days and 18 hours
Resolved

Medium Line feed injection in get request leads AWS S3 Bucket information disclosure

Information Disclosure aty Time to triage: 24 Days and 19 hours


Time to close: 8 Days and 10 hours
Resolved