REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
bobrov
114
linkks
74
geeknik
71
sp1d3rs
62
jobert
54
guido
45
bl4de
42
ryat
40
bigbear_
38
zombiehelp54
37
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
Maker Ecosystem Growth Holding
disclosed a bug submitted by
th3cyb3rc0p
load scripts DOS vulnerability
02 Apr 2020
Open-Xchange
disclosed a bug submitted by
catenacyber
Buffer overread in parse_angle_addr called from message_address_parse_path
02 Apr 2020
SEMrush
disclosed a bug submitted by
ziko_amazigh
Reflected XSS on https://www.semrush.com/my_reports/externalSource/callback/googleAccountsGMB
02 Apr 2020
Vanilla
disclosed a bug submitted by
vivek111
XSS through chat messages
02 Apr 2020
SEMrush
disclosed a bug submitted by
a_d_a_m
IDOR in marketing calendar tool
02 Apr 2020
SEMrush
disclosed a bug submitted by
yashrs
An attacker can buy marketplace articles for lower prices as it allows for negative quantity values leading to business loss
02 Apr 2020
SEMrush
disclosed a bug submitted by
nikitastupin
Content Injection on api.semrush.com to Reflected XSS
02 Apr 2020
Node.js third-party modules
disclosed a bug submitted by
sontungatm
[utils-extend] Prototype pollution
02 Apr 2020
Slack
disclosed a bug submitted by
jhancock
Relative Path Vulnerability Results in Arbitrary Command Execution/Privilege Escalation
01 Apr 2020
Razer
disclosed a bug submitted by
sambal0x
[Razer Pay] Broken Access Control at /v1/verifyPhone/ allows enumeration of usernames and ID information
01 Apr 2020
Razer
disclosed a bug submitted by
p3rr0
Access to support tickets and payment history, impersonate razer support staff
01 Apr 2020
Shopify
disclosed a bug submitted by
ngalog
[Part II] Email Confirmation Bypass in myshop.myshopify.com that Leads to Full Privilege Escalation
01 Apr 2020
Shopify
disclosed a bug submitted by
ngalog
Email Confirmation Bypass in myshop.myshopify.com that Leads to Full Privilege Escalation to Any Shop Owner by Taking Advantage of the Shopify SSO
01 Apr 2020
Shopify
disclosed a bug submitted by
ngalog
Able to Takeover Merchants Accounts Even They Have Already Setup SSO, After Bypassing the Email Confirmation
01 Apr 2020
Ubiquiti Inc.
disclosed a bug submitted by
ajxchapman
UniFi Video web interface Configuration Restore user privilege escalation
01 Apr 2020
Ubiquiti Inc.
disclosed a bug submitted by
ajxchapman
UniFi Video Server web interface admin user Firmware Update path traversal leading to local system compromise
01 Apr 2020
Starbucks
disclosed a bug submitted by
neweq
China - Leaked credentials permitted a limited ability to create Starbucks coupons and cards
01 Apr 2020
Ubiquiti Inc.
disclosed a bug submitted by
b0yd
UniFi Video v3.10.1 (Windows) Local Privileges Escalation to SYSTEM from arbitrary filedelete and DLL hijack vulnerabilities.
01 Apr 2020
Starbucks
disclosed a bug submitted by
0xpatrik
China – Limited Partner PII Regarding Work Scheduling via Unauthenticated API Endpoint
01 Apr 2020
1
2
3
...
419
BY DENIS WERNER - @NOBBD -
IMPRESSUM
