REPORTS
PROGRAMS
PUBLISHERS
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Node.js third-party modules'
disclosed a bug submitted by
b'bl4de'
b'[stattic] Inproper path validation leads to Path Traversal and allows to read arbitrary files with any extension(s)'
06 Mar 2018
b'Khan Academy'
disclosed a bug submitted by
b'securitygab'
b'[critical] sql injection by GET method'
06 Mar 2018
b'Binary.com'
disclosed a bug submitted by
b'flex0geek'
b'Leaking Referrer in Reset Password Link'
06 Mar 2018
b'Shopify'
disclosed a bug submitted by
b'vijay_kumar1110'
b'Access to Private Photos of Apps in App section(IDOR)'
05 Mar 2018
b'VK.com'
disclosed a bug submitted by
b'barracuda_'
b'Blind XXE on pu.vk.com'
04 Mar 2018
b'VK.com'
disclosed a bug submitted by
b'pisarenko'
b'??????? ? ?????? ?? ????????'
04 Mar 2018
b'VK.com'
disclosed a bug submitted by
b'pisarenko'
b'?????????? flood ???????? ? ???????? ??'
04 Mar 2018
b'VK.com'
disclosed a bug submitted by
b'yango'
b'????????? (?????????? upgreid) ?????????: ?????? ?????????? ?? ???? ? ???????? (XSS - ?? ?????????)'
04 Mar 2018
b'VK.com'
disclosed a bug submitted by
b'lincoln9932'
b'CSRF ??????????????? ???????? ? ????? ? ??????'
04 Mar 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'bl4de'
b'[glance] Path Traversal in glance static file server allows to read content of arbitrary file'
04 Mar 2018
b'Pushwoosh'
disclosed a bug submitted by
b'ryudox'
b'Cleartext Password returned in JSON response'
04 Mar 2018
b'ownCloud'
disclosed a bug submitted by
b'wdem'
b'Password Complexity Not Enforced On Password Change'
03 Mar 2018
b'Automattic'
disclosed a bug submitted by
b'slavco'
b'wpjobmanager - unserialize of user input'
03 Mar 2018
b'TTS Bug Bounty'
disclosed a bug submitted by
b'northivanastan'
b'SSH server compatible with several vulnerable cryptographic algorithms'
02 Mar 2018
b'Keybase'
disclosed a bug submitted by
b'tomnomnom'
b'Difference in query string parameter processing between Hacker News and Keybase Chrome extension spawns chat to incorrect user'
02 Mar 2018
b'Grabtaxi Holdings Pte Ltd'
disclosed a bug submitted by
b'ysx'
b'[growth.grab.com] Reflected XSS via Base64-encoded "q" param on "my.html" Valentine\'s microsite'
02 Mar 2018
b'LocalTapiola'
disclosed a bug submitted by
b'muon4'
b'Information exposure via error pages (www.lahitapiola.fi Tomcat)'
02 Mar 2018
b'LocalTapiola'
disclosed a bug submitted by
b'putsi'
b'Reflected XSS+CSRF on secure.lahitapiola.fi'
02 Mar 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'bl4de'
b'[simple-server] HTML with iframe element can be used as filename, which might lead to load and execute malicious JavaScript '
01 Mar 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'bl4de'
b'[angular-http-server] Path Traversal in angular-http-server.js allows to read arbitrary file from the remote server'
01 Mar 2018
1
...
502
503
504
505
506
...
766
BY DENIS WERNER - @NOBBD -
IMPRESSUM
