Top 10 publishers:
bobrov: 117
geeknik: 79
linkks: 75
sp1d3rs: 68
jobert: 66
someonenobbd: 60
jon_bottarini: 49
netfuzzer: 48
haxta4ok00: 48
ryat: 47
Now on Twitter: the unofficial HackerOne disclosure timeline.
Kubernetes disclosed a bug submitted by amlweems: Ingress-nginx annotation injection allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces (13 Aug 2022)
Showmax disclosed a bug submitted by miron666: Reflected XSS at https://stories.showmax.com/wp-content/themes/theme-internal_ss/blocks/ajax/a.php via `ss_country_filter` param (12 Aug 2022)
Internet Bug Bounty disclosed a bug submitted by s1r1u5: Disabling context isolation, nodeIntegrationInSubFrames using an unauthorised frame. (11 Aug 2022)
Shopify disclosed a bug submitted by 0x50d: Admin panel Exposure without credential at https://plus-website.shopifycloud.com/admin.php (11 Aug 2022)
Top Echelon Software disclosed a bug submitted by hammodmt: Wordpress Users Disclosure (/wp-json/wp/v2/users/) (11 Aug 2022)
Hyperledger disclosed a bug submitted by bhaskar_ram: fix(security):Path Traversal Bug (11 Aug 2022)
Top Echelon Software disclosed a bug submitted by sohelahmed786: Disable xmlrpc.php file (11 Aug 2022)
PortSwigger Web Security disclosed a bug submitted by mr_vrush: Redirection in Repeater & Intruder Tab (11 Aug 2022)
Hyperledger disclosed a bug submitted by cet2000: many commands can be manipulated to delete identities or affiliations (10 Aug 2022)
Acronis disclosed a bug submitted by mega7: Read-only administrator can change agent update settings (10 Aug 2022)
Glassdoor disclosed a bug submitted by emanelyazji: [CRITICAL] Full account takeover without user interaction on sign with Apple flow (09 Aug 2022)
HackerOne disclosed a bug submitted by jobert: Ability to escape database transaction through SQL injection, leading to arbitrary code execution (09 Aug 2022)
Top Echelon Software disclosed a bug submitted by anonymmert12: xmlrpc.php FILE IS enable it will used for Bruteforce attack and Denial of Service(DoS) (08 Aug 2022)
Nextcloud disclosed a bug submitted by error2001: Lack of Rate limit while joining video call in talk section which is password protected (08 Aug 2022)
RATELIMITED disclosed a bug submitted by codeslayer137: HTTP PUT method is enabled downloader.ratelimited.me (07 Aug 2022)
Omise disclosed a bug submitted by codeslayer137: Anonymous access control - Payments Status (07 Aug 2022)
Hyperledger disclosed a bug submitted by freskimo: RCE vulnerability in Hyperledger Fabric SDK for Java (06 Aug 2022)
Hyperledger disclosed a bug submitted by mttrbrts: Enrolling to a CA that returns an empty response crashes the node process (06 Aug 2022)
Hyperledger disclosed a bug submitted by xiaoc: Brute Force of fabric-ca server admin account (06 Aug 2022)
BY DENIS WERNER - @NOBBD -