Top10 publishers:
bobrov107 
sp1d3rs54 
bigbear_38 
guido37 Twitter
bl4de37 
isox36 
geeknik35 
4lemon35 
edio34 
jobert34 

the unofficial HackerOne disclosure timeline.

X
Uber disclosed a bug submitted by firs0v 
Full path disclosure on track.uber.com
20 Nov 2018 timeline
Uber disclosed a bug submitted by r0t Twitter
Possibility to enumerate and bruteforce promotion codes in Uber iOS App
20 Nov 2018 timeline
Uber disclosed a bug submitted by bobrov 
Open Redirect in riders.uber.com
20 Nov 2018 timeline
Uber disclosed a bug submitted by appsecure_in 
Lack of payment type validation in dial.uber.com allows for free rides
20 Nov 2018 timeline
Uber disclosed a bug submitted by mdv 
Stored XSS on any page in most Uber domains
20 Nov 2018 timeline
Node.js third-party modules disclosed a bug submitted by dienpv 
Prototype pollution attack (mergify)
20 Nov 2018 timeline
Ruby on Rails disclosed a bug submitted by ooooooo_q 
Validation bypass for queries generated for PostgreSQL
19 Nov 2018 timeline
QIWI disclosed a bug submitted by bobrov 
[lk.contact-sys.com] SQL Injection reset_password FP_LK_USER_LOGIN
18 Nov 2018 timeline
QIWI disclosed a bug submitted by bobrov 
[contact-sys.com] SQL Injection /ajax/where/cityNameByCountryId limit param
18 Nov 2018 timeline
QIWI disclosed a bug submitted by bobrov 
[contact-sys.com] XSS /ajax/transfer/status trn param
18 Nov 2018 timeline
QIWI disclosed a bug submitted by bobrov 
[lk.contact-sys.com] LKlang Path Traversal
18 Nov 2018 timeline
QIWI disclosed a bug submitted by bobrov 
[ibank.qiwi.ru] XSS via Request-URI
18 Nov 2018 timeline
QIWI disclosed a bug submitted by bobrov 
[wallet.rapida.ru] XSS Cookie flashcookie
18 Nov 2018 timeline
QIWI disclosed a bug submitted by bobrov 
[contact-sys.com] XSS via Request-URI
18 Nov 2018 timeline
QIWI disclosed a bug submitted by bobrov 
[sms.qiwi.ru] XSS via Request-URI
18 Nov 2018 timeline
WePay disclosed a bug submitted by bobrov 
[stage-go.wepay.com] XSS via Request URI
18 Nov 2018 timeline
QIWI disclosed a bug submitted by bobrov 
[vitrina.contact-sys.com] Full Path Disclosure
18 Nov 2018 timeline
Sucuri disclosed a bug submitted by bobrov 
[backups*.sucuri.net] CRLF Injection
18 Nov 2018 timeline
QIWI disclosed a bug submitted by bobrov 
[id.rapida.ru] Full Path Disclosure
18 Nov 2018 timeline
1 2 3 ... 313
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM