Japz DivinoinPinoy White HatRedacted usernames disclosure in "Export as .pdf" featureSeverity: Low (3.4) Weakness: Sensitive Information Disclosure Bounty: $5004 min read·Aug 7, 2023----
Japz DivinoinPinoy White HatGetting email address of any HackerOne user worth $7,500Severity: High (7.5) Weakness: Sensitive Information Disclosure Bounty: Duplicate (First researcher receives $7,500)5 min read·Jul 4, 2023--1--1
Japz DivinoinPinoy White HatBypass HackerOne 2FA requirement and reporter blacklistSeverity: Medium (5.0) — High (7.1) Weakness: Improper Authorization Bounty: $10,000 Summary:4 min read·Oct 31, 2018--5--5
Japz DivinoinPinoy White HatHarvesting all private invites using leave program fast-tracked invitation and security@ email…Severity: Medium (6.1) Weakness: Business Logic Errors (CWE-840)3 min read·Oct 22, 2018--2--2
Japz DivinoinPinoy White HatSecurity teams Internal attachments can be exported via “Export as .zip” feature on HackerOneHello Internet, this blog is about my findings on hackerone own bug bounty program late 2016, a simple information disclosure which…4 min read·Oct 17, 2018----
Japz DivinoinPinoy White HatIDOR on HackerOne Hacker Review “What Program Say”Severity: Low4 min read·Sep 2, 2017----