REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
58
b'ooooooo_q'
51
b'haxta4ok00'
49
b'jon_bottarini'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Drugs.com'
disclosed a bug submitted by
b'dedoxd2'
b'2FA Bypass leads to impersonation of legimate users'
14 Mar 2025
b'Autodesk'
disclosed a bug submitted by
b'the-white-evil'
b'Stored Cross-Site Scripting found in custom integration app on https://admin.b360.autodesk.com.'
14 Mar 2025
b'MercadoLibre'
disclosed a bug submitted by
b'elmago'
b'Stored Cross-Site Scripting in mercadopago.com.ar'
13 Mar 2025
b'HackerOne'
disclosed a bug submitted by
b'sarthakbhingare015'
b'Domain highlighting on External link warning is not working on Chrome & Microsoft Edge browsers on Mobile'
13 Mar 2025
b'PortSwigger Web Security'
disclosed a bug submitted by
b'floyd'
b'cgi scripts wordlist entry for windmail.exe has payload that sends arbitrary file read result to third-party'
13 Mar 2025
b'AWS VDP'
disclosed a bug submitted by
b'nick_frichette_dd'
b'Non-Production API Endpoints for the DocumentDB Elastic Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration'
11 Mar 2025
b'Urban Dictionary'
disclosed a bug submitted by
b'osama-hamad'
b'CSRF to Reflected XSS at echo.urbandictionary.biz via spoofing content type'
11 Mar 2025
b'Shopify'
disclosed a bug submitted by
b'kun_19'
b'Account Takeover Vulnerability in Shopify Collabs Platform Due to Missing Email Verification'
11 Mar 2025
b'Internet Bug Bounty'
disclosed a bug submitted by
b'stonksy'
b'Deadlock in x86 HVM standard VGA handling'
07 Mar 2025
b'Internet Bug Bounty'
disclosed a bug submitted by
b'scyoon'
b'Possible ReDoS vulnerability in query parameter filtering in Action Dispatch'
07 Mar 2025
b'MercadoLibre'
disclosed a bug submitted by
b'capablanca0'
b'Sale cancellations from other sellers without restrictions'
06 Mar 2025
b'Autodesk'
disclosed a bug submitted by
b'kanon4'
b'Exposing debug.log file leads to server full path disclosure'
06 Mar 2025
b'MTN Group'
disclosed a bug submitted by
b'almuntadhar'
b'SQLi | in URL paths'
06 Mar 2025
b'curl'
disclosed a bug submitted by
b'catenacyber'
b'Use after free (read) in curl_multi_perform with DoH and Proxy options, and resolve timeouts'
06 Mar 2025
b'AWS VDP'
disclosed a bug submitted by
b'xendaviour'
b'Session Timeout Does Not Enforce Re-Authentication on AWS Access Portal'
05 Mar 2025
b'Autodesk'
disclosed a bug submitted by
b'khoof'
b'CVE-2023-5561 on Payapps.com'
05 Mar 2025
b'AWS VDP'
disclosed a bug submitted by
b'nick_frichette_dd'
b'Non-Production API Endpoints for the Device Farm Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration'
04 Mar 2025
b'AWS VDP'
disclosed a bug submitted by
b'hemant1'
b'Sensitive API Key Leakage'
04 Mar 2025
b'MTN Group'
disclosed a bug submitted by
b'trev0ck'
b'Ability to Add and Verify Uncontrolled Mobile Numbers Leading to Account Takeover (ATO)'
04 Mar 2025
1
2
3
...
723
BY DENIS WERNER - @NOBBD -
IMPRESSUM
