TOPZOMATO.md

Top reports from Zomato program at HackerOne:

  1. [www.zomato.com] SQLi - /php/██████████ - item_id to Zomato - 267 upvotes, $4500
  2. [www.zomato.com] Availing Zomato Gold membership for free by tampering plan id(s) to Zomato - 215 upvotes, $1000
  3. [www.zomato.com] Blind XSS on one of the Admin Dashboard to Zomato - 204 upvotes, $750
  4. [www.zomato.com] CORS Misconfiguration, could lead to disclosure of sensitive information to Zomato - 194 upvotes, $550
  5. Information Disclosure through Sentry Instance ███████ to Zomato - 165 upvotes, $750
  6. [api.zomato.com] Able to manipulate order amount to Zomato - 128 upvotes, $4500
  7. Able to manipulate order amount by removing cancellation amount and cause financial impact to Zomato - 113 upvotes, $750
  8. Base alpha version code exposure to Zomato - 93 upvotes, $500
  9. [www.zomato.com] Blind XSS in one of the admin dashboard to Zomato - 93 upvotes, $500
  10. Login to any account with the email address to Zomato - 82 upvotes, $1000
  11. credentials leakage in public lead to view dev websites to Zomato - 71 upvotes, $400
  12. [www.zomato.com] Tampering with Order Quantity and paying less amount than actual amount, leads to business loss to Zomato - 60 upvotes, $1500
  13. [www.zomato.com] Blind XSS in one of the Admin Dashboard to Zomato - 59 upvotes, $500
  14. [https://reviews.zomato.com] Time Based SQL Injection to Zomato - 58 upvotes, $1000
  15. [www.zomato.com] SQLi on order_id parameter to Zomato - 56 upvotes, $1000
  16. [www.zomato.com] Union SQLi + Waf Bypass to Zomato - 51 upvotes, $1000
  17. [Zomato Android/iOS] Theft of user session to Zomato - 46 upvotes, $650
  18. IDOR to delete images from other stores to Zomato - 46 upvotes, $600
  19. [auth2.zomato.com] Reflected XSS at oauth2/fallbacks/error | ORY Hydra an OAuth 2.0 and OpenID Connect Provider to Zomato - 41 upvotes, $250
  20. Open AWS S3 bucket leaks all Images uploaded to Zomato chat to Zomato - 40 upvotes, $300
  21. Blind XSS - Report review - Admin panel to Zomato - 34 upvotes, $350
  22. [www.zomato.com] Boolean SQLi - /█████.php to Zomato - 33 upvotes, $1000
  23. [www.zomato.com/dubai/gold] CRITICAL - Allowing arbitrary amount to become a GOLD Member to Zomato - 33 upvotes, $500
  24. [www.zomato.com] Boolean SQLi - /███████.php to Zomato - 32 upvotes, $1000
  25. SSRF in https://www.zomato.com████ allows reading local files and website source code to Zomato - 29 upvotes, $1000
  26. Admin Access to a domain used for development and admin access to internal dashboards on that domain to Zomato - 28 upvotes, $1000
  27. IDOR to cancel any table booking and leak sensitive information such as email,mobile number,uuid to Zomato - 28 upvotes, $250
  28. Self-Stored XSS - Chained with login/logout CSRF to Zomato - 27 upvotes, $300
  29. [www.zomato.com] IDOR - Leaking all Personal Details of all Zomato Users through an endpoint to Zomato - 26 upvotes, $750
  30. [█████████] Hardcoded credentials in Android App to Zomato - 24 upvotes, $500
  31. [www.zomato.com] Privilege Escalation - /php/restaurant_menus_handler.php to Zomato - 24 upvotes, $200
  32. [www.zomato.com] Abusing LocalParams to Inject Code through ███████ query to Zomato - 23 upvotes, $700
  33. Reflected XSS on developers.zomato.com to Zomato - 21 upvotes, $100
  34. SQL Injection, exploitable in boolean mode to Zomato - 20 upvotes, $300
  35. Improper validation allows user to unlock Zomato Gold multiple times at the same restaurant within one day to Zomato - 20 upvotes, $150
  36. Length extension attack leading to HTML injection to Zomato - 20 upvotes, $100
  37. Use any User to Follow you (Increase Followers) [IDOR] to Zomato - 20 upvotes, $50
  38. Unauthorised Access to Anyone's User Account to Zomato - 20 upvotes, $0
  39. [www.zomato.com] Unauthenticated access to Internal Sales Data of Zomato through an unrestricted endpoint to Zomato - 19 upvotes, $250
  40. [www.zomato.com] Privilege Escalation - Control reviews - /████dashboard_handler.php to Zomato - 17 upvotes, $300
  41. CORS Misconfiguration on www.zomato.com to Zomato - 16 upvotes, $0
  42. User Profiles Leak PII in HTML Document for Mobile Browser User Agents to Zomato - 15 upvotes, $500
  43. Phishing user to download malicious app could lead to leakage of User Access Token, Email, Name and Profile photo via exported RemoteService to Zomato - 15 upvotes, $300
  44. [www.zomato.com] IDOR - Delete/Deactivate any special menu of any Restaurants from Zomato to Zomato - 15 upvotes, $100
  45. Free food bug done by burp suite to Zomato - 15 upvotes, $0
  46. Reflected XSS on https://www.zomato.com to Zomato - 14 upvotes, $100
  47. Posting to Twitter CSRF on php/post_twitter_authenticate.php to Zomato - 14 upvotes, $50
  48. takeover a lot of accounts to Zomato - 14 upvotes, $0
  49. Amazon S3 bucket misconfiguration (share) to Zomato - 14 upvotes, $0
  50. Restaurant payment information leakage to Zomato - 13 upvotes, $500
  51. [www.zomato.com] IDOR - Gold Subscription Details, Able to view "Membership ID" and "Validity Details" of other Users to Zomato - 13 upvotes, $100
  52. test.zba.se is vulnerable to SSL POODLE to Zomato - 13 upvotes, $0
  53. Zomato.com Reflected Cross Site Scripting to Zomato - 12 upvotes, $100
  54. Bypass OTP verification when placing Order to Zomato - 11 upvotes, $250
  55. Unauthorized update of merchants' information via /php/merchant_details.php to Zomato - 11 upvotes, $200
  56. [www.zomato.com] IDOR - Delete/Deactivate ANY/ALL Promos through a Post Request at clients/promoDataHandler.php to Zomato - 11 upvotes, $200
  57. Potential server misconfiguration leads to disclosure of vendor/ directory to Zomato - 10 upvotes, $0
  58. Sending Unlimited Emails to anyone from zomato mail server. to Zomato - 10 upvotes, $0
  59. Instagram OAuth2 Implementation Leaks Access Token; Allows for Cross-Site Script Inclusion (XSSI) to Zomato - 9 upvotes, $0
  60. XSS onmouseover to Zomato - 9 upvotes, $0
  61. Twitter Disconnect CSRF to Zomato - 9 upvotes, $0
  62. Reflected XSS on business-blog.zomato.com - Part I to Zomato - 9 upvotes, $0
  63. Open Redirect On Your Login Panel to Zomato - 9 upvotes, $0
  64. Zomato Map server going out of memory while resizing map image to Zomato - 9 upvotes, $0
  65. Mathematical error found in meals for one to Zomato - 9 upvotes, $0
  66. [Zomato's Blog] POST based XSS on https://www.zomato.com/blog/wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=8.2 to Zomato - 8 upvotes, $100
  67. CSRF in the "Add restaurant picture" function to Zomato - 8 upvotes, $50
  68. Stored Cross site scripting to Zomato - 8 upvotes, $0
  69. Bypass OTP verification when placing Order to Zomato - 7 upvotes, $0
  70. [www.zomato.com] Getting a complimentary dessert [Zomato Treats] on ordering a Meal at no cost to Zomato - 6 upvotes, $250
  71. Reflected XSS in Zomato Mobile - category parameter to Zomato - 6 upvotes, $0
  72. Bypassing the SMS sending limit for download app link. to Zomato - 6 upvotes, $0
  73. IDOR in treat subscriptions to Zomato - 5 upvotes, $100
  74. Several XSS affecting Zomato.com and developers.zomato.com to Zomato - 5 upvotes, $0
  75. CSRF AT INVITING PEOPLE THROUGH PHONE NUMBER to Zomato - 5 upvotes, $0
  76. Visibility Robots.txt file to Zomato - 5 upvotes, $0
  77. Reflected XSS on business-blog.zomato.com - Part 2 to Zomato - 5 upvotes, $0
  78. CSRF To Like/Unlike Photos to Zomato - 5 upvotes, $0
  79. Outdated MediaElement.js Reflected Cross-Site Scripting (XSS) to Zomato - 5 upvotes, $0
  80. Subdomain Takeover to Zomato - 4 upvotes, $0
  81. Persistent input validation mail encoding vulnerability in the "just followed you" email notification. to Zomato - 4 upvotes, $0
  82. Reflected Cross-Site Scripting in www.zomato.com/php/instagram_tag_relay to Zomato - 4 upvotes, $0
  83. MailPoet Newsletters <= 2.7.2 - Authenticated Reflected Cross-Site Scripting (XSS) to Zomato - 4 upvotes, $0
  84. XSS in flashmediaelement.swf (business-blog.zomato.com) to Zomato - 4 upvotes, $0
  85. xss found in zomato to Zomato - 4 upvotes, $0
  86. CSRF AT SELECTING ZOMATO HANDLE to Zomato - 3 upvotes, $0
  87. XSS on zomato.com to Zomato - 3 upvotes, $0
  88. Clickjacking login page of http://book.zomato.com/ to Zomato - 3 upvotes, $0
  89. NexTable: Credentials exposure to Zomato - 3 upvotes, $0
  90. Clickjacking: Delete Account, Change privacy settings, Rate business, follow/unfollow (IE) to Zomato - 3 upvotes, $0
  91. Authentication Bypassing and Sensitive Information Disclosure on Verify Email Address in Registration Flow to Zomato - 2 upvotes, $0
  92. CSS to Zomato - 2 upvotes, $0
  93. URL is vulnerable to clickjacking to Zomato - 2 upvotes, $0
  94. XSS in "explore-keywords-dropdown" results. to Zomato - 2 upvotes, $0
  95. Cross Site Scripting - type Parameter to Zomato - 1 upvotes, $0
  96. Remote File Upload Vulnerability in business-blog.zomato.com to Zomato - 1 upvotes, $0
  97. Weak Password Policy to Zomato - 1 upvotes, $0
  98. XSS and CSRF in Zomato Contact form to Zomato - 1 upvotes, $0
  99. Reflected XSS on Zomato API to Zomato - 1 upvotes, $0
  100. Persistent XSS on Reservation / Booking Page to Zomato - 1 upvotes, $0
  101. Two XSS vulns in widget parameters (all_collections.php and o2.php) to Zomato - 1 upvotes, $0
  102. Unvalidated redirect on user profile website to Zomato - 1 upvotes, $0
  103. XSS via modified Zomato widget (res_search_widget.php) to Zomato - 0 upvotes, $0
