REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
55
b'ooooooo_q'
49
b'jon_bottarini'
49
b'haxta4ok00'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Rocket.Chat'
disclosed a bug submitted by
b'yash24'
b'IDOR vulnerability leads to Deleting message after leaving/getting banned from group using message ID'
13 Oct 2024
b'GitHub'
disclosed a bug submitted by
b'ahacker1'
b'SAML Signature verification bypass allows logging into any user (with specific conditions)'
10 Oct 2024
b'GitLab'
disclosed a bug submitted by
b'a92847865'
b'DOS: taking down a 1k users Gitlab EE instance or multiple Sidekiq instances by importing a malicious repo from a Github EE self-hosted server'
09 Oct 2024
b'GitLab'
disclosed a bug submitted by
b'fdeleite'
b'Subdomain takeover in Gitlab pages'
09 Oct 2024
b'MTN Group'
disclosed a bug submitted by
b'm4lc0lmx'
b'Remote code execution [CVE-2023-36845]'
09 Oct 2024
b'inDrive'
disclosed a bug submitted by
b'polem4rch'
b'Change phone number OTP flaw leads to any phone number takeover'
09 Oct 2024
b'Ruby on Rails'
disclosed a bug submitted by
b'ooooooo_q'
b'Path traversal in AcitveStorage, and lead RCE'
08 Oct 2024
b'Ruby on Rails'
disclosed a bug submitted by
b'trufflesecurity'
b'Sauce Labs API key unencrypted in an old commit'
08 Oct 2024
b'GitLab'
disclosed a bug submitted by
b'cryptopone'
b'HTML injection possible with soft email confirmations when Administrator manually confirms attacker email address'
08 Oct 2024
b'GitLab'
disclosed a bug submitted by
b'70rpedo'
b'Maintainer can leak sentry token by changing the configured URL (fix bypass)'
08 Oct 2024
b'GitLab'
disclosed a bug submitted by
b'afewgoats'
b'ReDoS due to device-detector parsing user agents'
08 Oct 2024
b'Mozilla'
disclosed a bug submitted by
b'anhchangmutrang'
b'User API Key leakage in Github commit leads to unauthorized access to sql.telemetry.mozilla.org'
08 Oct 2024
b'MTN Group'
disclosed a bug submitted by
b'hazemhussien99'
b'IDOR at mtnmobad.mtnbusiness.com.ng leads to PII leakage. '
05 Oct 2024
b'MTN Group'
disclosed a bug submitted by
b'hazemhussien99'
b'Reflected XSS in https://nin.mtn.ng/nin/success?message=lol&nin=<VULNERABLE>'
05 Oct 2024
b'AWS VDP'
disclosed a bug submitted by
b'hesham_elsheme'
b'External service interaction (HTTP)'
04 Oct 2024
b'IBM'
disclosed a bug submitted by
b'mersa-v6'
b'SSRF via host header let access localhost via https://go.dialexa.com'
03 Oct 2024
b'TikTok'
disclosed a bug submitted by
b'ahmed_xyz'
b'Stored-XSS-ads.tiktok.com'
02 Oct 2024
b'GitLab'
disclosed a bug submitted by
b'tefa_'
b'Remove obsolete domain from handbook subdomain'
01 Oct 2024
b'IBM'
disclosed a bug submitted by
b'0xhassan'
b'IBM OpenPages vulnerable to exposure of sensitive information'
01 Oct 2024
1
2
3
...
711
BY DENIS WERNER - @NOBBD -
IMPRESSUM