Enjoy this fine selection of bagz your fellow bagfinders have submitted. We hope it encourages you to find your own bagz and get rich!
| Severity | Reporter | Description | Got rich? |
|---|---|---|---|
| 1 | Jamie Martensson | HTTP 'Server' header information disclosure. | |
| 4 | Levent Verhappen | SQL-ejection at signup. | |
| 7 | Madelene Danielsson | Self-XSS at file upload. | |
| 10 | Precious van de Graaf | Unsafe serialization. | |
| 5 | Sanna Karlsson | Insecure ciphersuite in TLS connections. | |
| 2 | Irwin J. Rodriguez | Missing HSCORS header. | |
| 9 | Tomi Nurminen | Nginx misconfiguration leads to source code disclosure. |