TOPUBER.md

Top reports from Uber program at HackerOne:

  1. Sensitive user information disclosure at bonjour.uber.com/marketplace/_rpc via the 'userUuid' parameter to Uber - 622 upvotes, $0
  2. Chained Bugs to Leak Victim's Uber's FB Oauth Token to Uber - 404 upvotes, $7500
  3. Reflected XSS and sensitive data exposure, including payment details, on lioncityrentals.com.sg to Uber - 371 upvotes, $4000
  4. [Pre-Submission][H1-4420-2019] API access to Phabricator on code.uberinternal.com from leaked certificate in git repo to Uber - 331 upvotes, $39999
  5. RCE via npm misconfig -- installing internal libraries from the public registry to Uber - 318 upvotes, $9000
  6. Change any Uber user's password through /rt/users/passwordless-signup - Account Takeover (critical) to Uber - 296 upvotes, $0
  7. XSS At "pages.et.uber.com" to Uber - 228 upvotes, $0
  8. Stored XSS in developer.uber.com to Uber - 214 upvotes, $7500
  9. Unauthorized access to █████████.com allows access to Uber Brazil tax documents and system. to Uber - 197 upvotes, $4500
  10. Authentication bypass on auth.uber.com via subdomain takeover of saostatic.uber.com to Uber - 168 upvotes, $0
  11. Reading Emails in Uber Subdomains to Uber - 139 upvotes, $0
  12. Open Redirect on central.uber.com allows for account takeover to Uber - 130 upvotes, $8000
  13. [First 30] Stored XSS on login.uber.com/oauth/v2/authorize via redirect_uri parameter to Uber - 120 upvotes, $3000
  14. Client secret, server tokens for developer applications returned by internal API to Uber - 118 upvotes, $0
  15. Reflected XSS on https://www.uber.com to Uber - 112 upvotes, $0
  16. ubernycmarketplace.com is vulnerable to the Heartbleed Bug to Uber - 109 upvotes, $1500
  17. uber.com may RCE by Flask Jinja2 Template Injection to Uber - 108 upvotes, $10000
  18. IDOR leads to leak analytics of any restaurant to Uber - 105 upvotes, $2000
  19. Stored XSS on any page in most Uber domains to Uber - 103 upvotes, $6000
  20. IDOR leads to See analytics of Loyalty Program in any restaurant. to Uber - 96 upvotes, $1500
  21. password reset token leaking allowed for ATO of an Uber account to Uber - 88 upvotes, $0
  22. private passenger information is exposed to the Uber Driver app during ride dispatch ("Ping") events to Uber - 87 upvotes, $0
  23. SAML Authentication Bypass on uchat.uberinternal.com to Uber - 83 upvotes, $8500
  24. SQL Injection on sctrack.email.uber.com.cn to Uber - 83 upvotes, $4000
  25. [CRITICAL] -- Complete Account Takeover to Uber - 82 upvotes, $8000
  26. Possibility to get private email using UUID to Uber - 82 upvotes, $0
  27. Complete Admin account takeover due to PhpDebugBar turned on in Uber's production server to Uber - 80 upvotes, $2750
  28. Subdomain takeover at signup.uber.com to Uber - 78 upvotes, $0
  29. Pre-auth Remote Code Execution on multiple Uber SSL VPN servers to Uber - 77 upvotes, $2000
  30. Lack of proper paymentProfileUUID validation allows any number of free rides without any outstanding balance to Uber - 75 upvotes, $0
  31. OneLogin authentication bypass on WordPress sites via XMLRPC to Uber - 73 upvotes, $7000
  32. Changing paymentProfileUuid when booking a trip allows free rides to Uber - 72 upvotes, $0
  33. Open AWS S3 bucket at ubergreece.s3.amazonaws.com exposes confidential internal documents and files to Uber - 68 upvotes, $500
  34. Subdomain takeover on rider.uber.com due to non-existent distribution on Cloudfront to Uber - 66 upvotes, $0
  35. Lack of payment type validation in dial.uber.com allows for free rides to Uber - 65 upvotes, $0
  36. xss in https://www.uber.com to Uber - 64 upvotes, $0
  37. Hack The World 2017 Top 2 Bonus to Uber - 61 upvotes, $5000
  38. Authorization issue in Google G Suite allows DoS through HTTP redirect to Uber - 61 upvotes, $0
  39. SQL injection in 3rd party software Anomali to Uber - 57 upvotes, $2500
  40. Blind OOB XXE At "http://ubermovement.com/" to Uber - 55 upvotes, $500
  41. Chain of IDORs Between U4B and Vouchers APIs Allows Attackers to View and Modify Program/Voucher Policies and to Obtain Organization Employees' PII to Uber - 55 upvotes, $0
  42. Multiple vulnerabilities in a WordPress plugin at drive.uber.com to Uber - 54 upvotes, $0
  43. Unrestricted File Upload Results in Cross-Site Scripting Attacks to Uber - 54 upvotes, $0
  44. [manage.jumpbikes.com] Blind XSS on Jump admin panel via user name to Uber - 53 upvotes, $0
  45. OneLogin authentication bypass on WordPress sites to Uber - 51 upvotes, $10000
  46. Possibility to inject a malicious JavaScript code in any file on tags.tiqcdn.com results in a stored XSS on any page in most Uber domains to Uber - 49 upvotes, $6000
  47. Chain of vulnerabilities in Uber for Business Vouchers program allows for attacker to perform arbitrary charges to victim's U4B payment account to Uber - 48 upvotes, $5750
  48. Critical Information disclosure of rtapi token for any user via https://video-support-staging.uber.com/video/api/getPopulousUser to Uber - 47 upvotes, $0
  49. Stored XSS on auth.uber.com/oauth/v2/authorize via redirect_uri parameter leads to Account Takeover to Uber - 46 upvotes, $3000
  50. Avoiding Surge Pricing to Uber - 45 upvotes, $0
  51. [uchat.uberinternals.com] Mattermost doesn't check Origin in Websockets, which leads to the Critical Information Leakage. to Uber - 43 upvotes, $2000
  52. SQLI on uberpartner.eu leads to exposure of sensitive user data of Uber partners to Uber - 41 upvotes, $1500
  53. Publicly exposed HashiCorp Vault (Secrets management) at usec-gcp-staging.uberinternal.com & usec-gcp.uberinternal.com to Uber - 41 upvotes, $0
  54. Reflected XSS on multiple uberinternal.com domains to Uber - 38 upvotes, $2000
  55. Reflected XSS in lert.uber.com to Uber - 38 upvotes, $0
  56. SQL injection in Wordpress Plugin Huge IT Video Gallery at https://drive.uber.com/frmarketplace/ to Uber - 37 upvotes, $3000
  57. Reflected XSS on https://www.uber.com to Uber - 37 upvotes, $1000
  58. CVE-2020-3452 - unauthenticated file read on anyconnect.routematch.com to Uber - 37 upvotes, $500
  59. Attacker could setup reminder remotely using brute force to Uber - 36 upvotes, $0
  60. Change the rating of any trip, therefore change the average driver rating to Uber - 35 upvotes, $1500
  61. Stealing users password (Limited Scenario) to Uber - 35 upvotes, $0
  62. phone number exposure for riders/drivers given email/uuid to Uber - 35 upvotes, $0
  63. Arbitrary File Reading on Uber SSL VPN to Uber - 34 upvotes, $6500
  64. Possibility to brute force invite codes in riders.uber.com to Uber - 34 upvotes, $5000
  65. Stored XSS on developer.uber.com via admin account compromise to Uber - 34 upvotes, $5000
  66. DOM based XSS via insecure parameter on [ https://uberpay-mock-psp.uber.com ] to Uber - 33 upvotes, $1420
  67. Reflected XSS on developer.uber.com via Angular template injection to Uber - 32 upvotes, $3000
  68. Full Path and internal information disclosure+ SQLNet.log file disclose internal network information to Uber - 32 upvotes, $0
  69. Reflected XSS on Partners Subdomain to Uber - 31 upvotes, $2000
  70. API on campus-vtc.com allows access to ~100 Uber users full names, email addresses and telephone numbers. to Uber - 31 upvotes, $750
  71. Site-wide CSRF on eats.uber.com to Uber - 30 upvotes, $6000
  72. Reflected XSS POST method at partners.uber.com to Uber - 30 upvotes, $3000
  73. Information Leakage - GitHub - VCenter configuration scripts, StorMagic usernames and password along with default ESXi root password to Uber - 28 upvotes, $1000
  74. HTML injection via insecure parameter [https://www.ubercarshare.com/] to Uber - 28 upvotes, $650
  75. 4 Subdomains Takeover on 2 domains ( muberscolombia.com & ubereats.pl ) to Uber - 28 upvotes, $500
  76. [data-07.uberinternal.com] SSRF in Portainer app lead to access to Internal Docker API without Auth to Uber - 28 upvotes, $500
  77. pam_ussh does not properly validate the SSH certificate authority to Uber - 28 upvotes, $0
  78. Improper Access Control on Onelogin in multi-layered architecture to Uber - 27 upvotes, $500
  79. Subdomain takeover on mta1a1.spmail.uber.com to Uber - 27 upvotes, $0
  80. Exposed█████████in apk file - devbuilds.uber.com to Uber - 27 upvotes, $0
  81. Cross-Tenant IDOR on Business allowing escalation privilege, invitation takeover, and edition of any other Businesses' employees to Uber - 27 upvotes, $0
  82. SQLI on desafio5estrelas.com to Uber - 26 upvotes, $2500
  83. duplicate hsts headers lead to firefox ignoring hsts on business.uber.com to Uber - 26 upvotes, $500
  84. Full read SSRF in flyte-poc-us-east4.uberinternal.com to Uber - 25 upvotes, $2000
  85. Outdated Wordpress installation and plugins at www.uberxgermany.com create CSRF and XSS vulnerabilities to Uber - 25 upvotes, $500
  86. Possible to View Driver Waybill via Driver UUID to Uber - 24 upvotes, $0
  87. Possibility to enumerate and bruteforce promotion codes in Uber iOS App to Uber - 23 upvotes, $3000
  88. Get organization info base on uuid to Uber - 22 upvotes, $3000
  89. pam-ussh may be tricked into using another logged in user's ssh-agent to Uber - 22 upvotes, $0
  90. Subdomain takeover of translate.uber.com, de.uber.com and fr.uber.com to Uber - 21 upvotes, $0
  91. CBC "cut and paste" attack may cause Open Redirect(even XSS) to Uber - 20 upvotes, $500
  92. XSS @ love.uber.com to Uber - 19 upvotes, $3000
  93. Cleartext password exposure allows access to the desafio5estrelas.com admin panel to Uber - 19 upvotes, $500
  94. Stored XSS on newsroom.uber.com admin panel / Stream WordPress plugin to Uber - 18 upvotes, $5000
  95. IDOR in activateFuelCard id allows bulk lookup of driver uuids to Uber - 18 upvotes, $0
  96. Uber Test Report 20220301 to Uber - 18 upvotes, $0
  97. XSS on partners.uber.com due to no user input sanitisation to Uber - 17 upvotes, $1000
  98. Multiple Vulnerabilities (Including SQLi) in love.uber.com to Uber - 17 upvotes, $250
  99. deleting payment profile during active trip puts account into arrears but active trip is temporarily “free” to Uber - 17 upvotes, $0
  100. Privacy policy contains hardcoded link using unencrypted HTTP to Uber - 17 upvotes, $0
  101. Reflected XSS in https://eng.uberinternal.com and https://coeshift.corp.uber.internal/ to Uber - 16 upvotes, $500
  102. IDOR on partners.uber.com allows for a driver to override administrator documents to Uber - 15 upvotes, $500
  103. Information regarding trips from other users to Uber - 15 upvotes, $0
  104. Uber employees are sharing information on productforums.google.com to Uber - 15 upvotes, $0
  105. Golang expvar Information Disclosure to Uber - 15 upvotes, $0
  106. xss vulnerability in http://ubermovement.com/community/daniel to Uber - 14 upvotes, $0
  107. Missing authorization checks leading to the exposure of ubernihao.com administrator accounts to Uber - 14 upvotes, $0
  108. Chained vulnerabilities create DOS attack against users on desafio5estrelas.com to Uber - 13 upvotes, $1000
  109. Lack of CNAME/A Record Trimming Pointing Uber Domains to Insecure Non-Uber AWS Instances/Sites to Uber - 13 upvotes, $0
  110. SMS/Call spamming due to truncated phone number to Uber - 13 upvotes, $0
  111. Lack of CSRF protection on uberps.com makes every form vulnerable to CSRF to Uber - 12 upvotes, $500
  112. Server version disclosure to Uber - 12 upvotes, $0
  113. Cookie Bombing cause DOS - businesses.uber.com to Uber - 12 upvotes, $0
  114. Exposed Golang Pprof debugger at https://cn-geo1.uber.com/ to Uber - 12 upvotes, $0
  115. Lack of rate limiting on get.uber.com leads to enumeration of promotion codes and estimation of a lower bound on the number of Uber drivers to Uber - 11 upvotes, $3000
  116. XSS in ubermovement.com via editable Google Sheets to Uber - 11 upvotes, $2000
  117. Access to SQL server of ubergreen.pt through password disclosure from different domain on same IP to Uber - 11 upvotes, $750
  118. Unsecured Dropwizard Admin Panel on display.uber-adsystem.com exposes sensitive server information to Uber - 11 upvotes, $500
  119. Bulk UUID enumeration via invite codes to Uber - 11 upvotes, $0
  120. Session not expired When logout [partners.uber.com] to Uber - 11 upvotes, $0
  121. No rate limiting on https://biz.uber.com/confirm allowed an attacker to join arbitrary business.uber.com accounts to Uber - 11 upvotes, $0
  122. Request Access for Uber Device Returns Management Platform (https://www.eats-devicereturns.com/request-access/) Bypass Allows Access to PII to Uber - 11 upvotes, $0
  123. Delay of arrears notification allows Riders to take multiple rides without paying to Uber - 10 upvotes, $0
  124. Open redirect on rush.uber.com, business.uber.com, and help.uber.com to Uber - 10 upvotes, $0
  125. Open Redirect in m.uber.com to Uber - 9 upvotes, $500
  126. Open Redirect in riders.uber.com to Uber - 9 upvotes, $500
  127. Full path disclosure on track.uber.com to Uber - 9 upvotes, $100
  128. Bruteforce INVITE codes easy way to Uber - 9 upvotes, $0
  129. Reflected XSS via Unvalidated / Open Redirect in uber.com to Uber - 8 upvotes, $3000
  130. [IODR] Get business trip via organization id to Uber - 8 upvotes, $2000
  131. Open Redirection on Uber.com to Uber - 8 upvotes, $500
  132. Listing of email addresses of whitelisted business users visible at business.uber.com to Uber - 8 upvotes, $250
  133. Reflected XSS on Uber.com careers to Uber - 8 upvotes, $0
  134. Bypassing Uber Partner's 3 Cancel Limit to Uber - 8 upvotes, $0
  135. Physical Access to Mobile App Allows Local Attribute Updates without Authentication to Uber - 8 upvotes, $0
  136. [usuppliers.uber.com] - Server Side Request Forgery via XXE OOB to Uber - 8 upvotes, $0
  137. Stored XSS in drive.uber.com WordPress admin panel to Uber - 7 upvotes, $2000
  138. Can add employee in business.uber.com without add payment method to Uber - 7 upvotes, $0
  139. The Microsoft Store Uber App Does Not Implement Certificate Pinning to Uber - 7 upvotes, $0
  140. Information Leak - GitHub - Endpoint Configuration Details to Uber - 7 upvotes, $0
  141. SMS URL verification link does not expire on phone number change and lacks rate limiting to Uber - 7 upvotes, $0
  142. stack trace exposed on https://receipts.uber.com/ to Uber - 7 upvotes, $0
  143. Mass Assignment Vulnerability in partners.uber.com to Uber - 6 upvotes, $1000
  144. ability to retrieve a user's phone-number/email for a given inviteCode to Uber - 6 upvotes, $1000
  145. Stored Cross Site Scripting [SELF] in partners.uber.com to Uber - 6 upvotes, $0
  146. newsroom.uber.com is vulnerable to 'SOME' XSS attack via plupload.flash.swf to Uber - 6 upvotes, $0
  147. Users can falsely declare their own Uber account info on the monthly billing application to Uber - 6 upvotes, $0
  148. It's possible to view configuration and/or source code on uchat.awscorp.uberinternal.com without to Uber - 6 upvotes, $0
  149. Google Maps API Key Leakage to Uber - 6 upvotes, $0
  150. Stored XSS in archive.uber.com Due to Injection of Javascript:alert(0) to Uber - 5 upvotes, $3000
  151. Reflected XSS via Livefyre Media Wall in newsroom.uber.com to Uber - 5 upvotes, $2000
  152. Email Address Enumeration to Uber - 5 upvotes, $0
  153. Requested and received edit access to Google form to Uber - 5 upvotes, $0
  154. reopen #128853 (Information disclosure at lite.uber.com) to Uber - 5 upvotes, $0
  155. Content injection on 404 error page at faspex.uber.com to Uber - 5 upvotes, $0
  156. muber-id Query Parameter Can Generate SSL-protected Reflected XSS in https://m.uber.com/0-dfffb25d2cf6ceeb0a27.js Endpoint to Uber - 5 upvotes, $0
  157. lert.uber.com: Few default folders/files of AURA Framework are accessible to Uber - 5 upvotes, $0
  158. [experience.uber.com] Node.js source code disclosure & anonymous access to internal Uber documents, templates and tools to Uber - 5 upvotes, $0
  159. XSS in getrush.uber.com to Uber - 4 upvotes, $3000
  160. CSV Injection in business.uber.com to Uber - 4 upvotes, $1000
  161. XSS on partners.uber.com to Uber - 4 upvotes, $500
  162. Thumbor misconfiguration at blogapi.uber.com can lead to DoS to Uber - 4 upvotes, $500
  163. Dom Based Xss to Uber - 4 upvotes, $0
  164. Compromising Atlassian Confluence (team.uberinternal.com) via WordPress (newsroom.uber.com) to Uber - 4 upvotes, $0
  165. Disclosure of ways to the site root to Uber - 4 upvotes, $0
  166. Use Partner/Driver App Without Being Activated to Uber - 4 upvotes, $0
  167. Uber is Flooding my Mobile with SMS Daily like a cron JOB to Uber - 4 upvotes, $0
  168. XSS in uber oauth to Uber - 4 upvotes, $0
  169. XSS via password recovering to Uber - 4 upvotes, $0
  170. XSS in people.uber.com to Uber - 4 upvotes, $0
  171. Configuration and/or source code files on uchat-staging.uberinternal.com can be viewed without OneLogin SSO Authentication to Uber - 4 upvotes, $0
  172. Wordpress Vulnerabilities in transparencyreport.uber.com and eng.uber.com domains to Uber - 3 upvotes, $1000
  173. Brute-Forcing invite codes in partners.uber.com to Uber - 3 upvotes, $750
  174. Drivers can change profile picture to Uber - 3 upvotes, $500
  175. Issue with Password reset functionality to Uber - 3 upvotes, $100
  176. Listing of http://archive.uber.com/pypi/simple/ to Uber - 3 upvotes, $0
  177. SQLi in love.uber.com to Uber - 3 upvotes, $0
  178. CSRF on eng.uber.com may lead to server-side compromise to Uber - 3 upvotes, $0
  179. CRLF Injection in developer.uber.com to Uber - 3 upvotes, $0
  180. Self-XSS Vulnerability on Password Reset Form to Uber - 3 upvotes, $0
  181. Unsubscribe any user from receiving email to Uber - 3 upvotes, $0
  182. Phone Number Enumeration to Uber - 3 upvotes, $0
  183. Newsroom.uber HTML form without CSRF protection to Uber - 3 upvotes, $0
  184. Information Disclosure on lite.uber.com to Uber - 3 upvotes, $0
  185. Header Injection to Uber - 3 upvotes, $0
  186. Text Only Content Spoofing on ubermovement.com Community Page to Uber - 3 upvotes, $0
  187. Defect-Security | Driver-Broken Authentication | Able to update the Subscription Setting anonymously to Uber - 3 upvotes, $0
  188. text injection in get.uber.com/check-otp to Uber - 3 upvotes, $0
  189. The Microsoft Store Uber App Does Not Implement Server-side Token Revocation to Uber - 3 upvotes, $0
  190. The Uber Promo Customer Endpoint Does Not Implement Multifactor Authentication, Blacklisting or Rate Limiting to Uber - 3 upvotes, $0
  191. SSL-protected Reflected XSS in https://m.uber.com/0-dfffb25d2cf6ceeb0a27.js Endpoint to Uber - 3 upvotes, $0
  192. SSL-protected Reflected XSS in m.uber.com to Uber - 3 upvotes, $0
  193. SSL-protected Reflected XSS in https://m.uber.com/0-dfffb25d2cf6ceeb0a27.js Endpoint to Uber - 3 upvotes, $0
  194. udi-id Query Parameter Can Generate SSL-protected Reflected XSS in https://m.uber.com/0-dfffb25d2cf6ceeb0a27.js Endpoint to Uber - 3 upvotes, $0
  195. lite:sess Query Parameter Can Generate SSL-protected Reflected XSS in https://m.uber.com/0-dfffb25d2cf6ceeb0a27.js Endpoint to Uber - 3 upvotes, $0
  196. Estimation of a Lower Bound on Number of Uber Drivers via Enumeration to Uber - 2 upvotes, $500
  197. HTML Escaping Error in the 404 Page on developer.uber.com/docs/ to Uber - 2 upvotes, $0
  198. It is possible to re-rate a driver after a very long time to Uber - 2 upvotes, $0
  199. Pixel flood attack in https://riders.uber.com/profile to Uber - 2 upvotes, $0
  200. Password Reset Does Not Confirm the Existence of an Email Address to Uber - 2 upvotes, $0
  201. Enumerating userIDs with phone numbers to Uber - 2 upvotes, $0
  202. Active Email Hyperlink Sent on riders.uber.com to Uber - 2 upvotes, $0
  203. Disclosure of ip addresses in local network of uber to Uber - 2 upvotes, $0
  204. Information disclosure at lite.uber.com to Uber - 2 upvotes, $0
  205. faspex.uber.com uses an invalid SSL certificate to Uber - 2 upvotes, $0
  206. Server version disclosure: team.uberinternal.com to Uber - 2 upvotes, $0
  207. Email Enumeration Vulnerability to Uber - 2 upvotes, $0
  208. Uber for Business Allows Administrators to Change Uber Driver Ratings Due to Failure to Authenticate fast-rating Endpoint to Uber - 2 upvotes, $0
  209. Missing authentication on Notification setting . to Uber - 2 upvotes, $0
  210. Disclosure of Co-Rider user (Uber-pooling) profile picture at Amazon AWS Cloudfront within HTTP RESPONSE to Uber - 2 upvotes, $0
  211. XSS In archive.uber.com Due to Mime Sniffing in IE to Uber - 1 upvotes, $750
  212. Easy spam with USE My PHONE Feature to Uber - 1 upvotes, $250
  213. Cross-site Scripting (XSS) autocomplete generation in https://www.uber.com/ to Uber - 1 upvotes, $0
  214. Cross-site Scripting (XSS) to Uber - 1 upvotes, $0
  215. XSS on love.uber.com to Uber - 1 upvotes, $0
  216. Session retention is present which reveals the customer info to Uber - 1 upvotes, $0
  217. CrashPlan Backup is Vulnerable Allowing to a DoS Attack Against Uber's Backups to backup.uber.com to Uber - 1 upvotes, $0
  218. DOM based XSS on to Uber - 1 upvotes, $0
  219. Create account in uber without signup form to Uber - 1 upvotes, $0
  220. Privilege escalation to allow non activated users to login and use uber partner ios app to Uber - 1 upvotes, $0
  221. Uber password reset link EMAIL FLOOD to Uber - 1 upvotes, $0
  222. Uploading Plain Text to uber-documents.s3.amazonaws.com Through the Driver Document Upload Page to Uber - 1 upvotes, $0
  223. Changing Driver Passwords With Only an Authenticated Session (no password, no email) to Uber - 1 upvotes, $0
  224. SMS Flood with Update Profile to Uber - 1 upvotes, $0
  225. Brute Forcing rider-view Endpoint Allows for Counting Number of Active Uber Drivers to Uber - 1 upvotes, $0
  226. Session Impersonation in riders.uber.com to Uber - 1 upvotes, $0
  227. developer.uber.com/404 and developer.uber.com/docs/404 are susceptible to iframes to Uber - 1 upvotes, $0
  228. Unauthorized file (invoice) download to Uber - 1 upvotes, $0
  229. Authentication Issue for easter egg on bonjour.uber.com to Uber - 1 upvotes, $0
  230. Command Injection, Information to Uber - 1 upvotes, $0
  231. Self-XSS in Partners Profile to Uber - 1 upvotes, $0
  232. Error Message on 404 page to Uber - 1 upvotes, $0
  233. Clickjacking in love.uber.com to Uber - 1 upvotes, $0
  234. Stored self-XSS at m.uber.com to Uber - 1 upvotes, $0
  235. User credentials are not strong on vault.uber.com to Uber - 1 upvotes, $0
  236. Self-XSS on partners.uber.com to Uber - 1 upvotes, $0
  237. Brute Force Amplification Attack to Uber - 1 upvotes, $0
  238. User Enumeration and Information Disclosure to Uber - 1 upvotes, $0
  239. Design Issue at riders.uber.com/profile to Uber - 1 upvotes, $0