Hi admin,x1admin wrote: ↑Mon Aug 26, 2019 10:11 amWe already replied to you about this vulnerabilities0xr0cky wrote: ↑Fri Aug 23, 2019 2:35 pmHello admin,
I apologize for asking several times: can you check these IAC submissions, please? They are still rejected, but vulnerable. I've commented them in the report, sorry for the high number.
- 926522
- 925976
- 925975
- 925973
- 925972
- 925970
- 925969
- 925968
- 925967
- 925966
- 925965
- 925964
- 925962
- 925961
- 925960
Thank you, bye!
sorry but there must be a misunderstanding.
I have not received any replies for which these vulnerabilities have all been rejected: I asked for checking on Aug 05 (nothing), then re-asked via PM on Aug 09 and on Aug 16 (nothing), then re-asked now...I was simply ignored. I have also waited so long not to put pressure, because I know you have a high workload.
You answered only one PM to me on August 9th but for an old report, older than these (I am referring to 925952 ... among other things, I also did not understand why it was rejected, if the same vulnerability for others domains have been accepted in the past both to me and to other users: simply, if it is not considered an important vulnerability and to be reported for OpenBugBounty ok, just know, I was only asking explicitly for this, without being ignored).
So, PLEASE, can you really check all the vulns above? For example 926522 is about an error that prints PHP code on the screen; or 926485 is important because I can access to system log, private server info, I can clear all the current sessions on the web server and launch the garbage collector! Is this not a sufficiently serious vulnerability?
Sorry, I apologize for boring you. Thank you very much and keep up the good work!
Cheers.