Bounties
Partners
Community
Info
spiral-project / ihatemoney
Project repository
A simple shared budget manager web application
Submit a report
FIRST INTERACTION
WITHIN
29 DAYS
REVIEW
WITHIN
24 DAYS
FIX
WITHIN
28 DAYS
The ihatemoney application allows large characters to insert in the input fiel...
Jul 20th 2022
akshayravic09yc47
•
not applicable
User Enumeration Via Reset Password
Jul 17th 2022
akshayravic09yc47
•
not applicable
Server Side Template Injection On Project Name Field
Jul 17th 2022
akshayravic09yc47
•
pending
XSS On Invite People Form
Jul 20th 2022
akshayravic09yc47
•
duplicate
Medium
Cross-site Scripting (XSS)
Jul 16th 2022
khanhchauminh
•
Medium
Medium
XSS/HTML injection in email
Jul 14th 2022
jhond0e
•
pending
Cross-Site Request Forgery (CSRF)
Jul 14th 2022
tharunavula
•
High
•
$5
High
•
$5
Formula Injection/CSV Injection due to Improper Neutralization of Formula Elemen...
May 14th 2022
iamshooter99
•
Low
Low
Cross-Site Scripting - XSS in invite people functionality
Jun 15th 2022
iamshooter99
•
self closed
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Oct 10th 2021
0xdhinu
•
Medium
Medium
Reliance on Cookies without Validation and Integrity Checking
Jul 24th 2021
sudheendra17
•
pending
Unimplemented or Unsupported Feature in UI
Oct 10th 2021
ranjit-git
•
High
•
$25
High
•
$25
Cross-Site Request Forgery (CSRF)
Jul 23rd 2021
ranjit-git
•
Critical
•
$25
Critical
•
$25
Cross-Site Request Forgery (CSRF)
Jul 17th 2021
oomb
•
Medium
•
$25
Medium
•
$25
CRITICAL
$0
HIGH
$0
MEDIUM
$0
LOW
$0
