Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'83 
b'linkks'75 
b'jobert'70 
b'nyymi'62 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Automattic' disclosed a bug submitted by b'slavco' 
b'woocommerce - prevent_caching() bug / bypass'
16 Sep 2017 timeline
b'Cuvva' disclosed a bug submitted by b'leet-boy' 
b"Insecure Direct Object Reference (IDOR) Allowing me to claim other user's photos (driving license and selfies) as mine"
15 Sep 2017 timeline
b'TTS Bug Bounty' disclosed a bug submitted by b'sp1d3rs' 
b'Reflected XSS on the data.gov (WAF bypass+ Chrome XSS Auditor bypass+ works in all browsers)'
15 Sep 2017 timeline
b'TTS Bug Bounty' disclosed a bug submitted by b'sp1d3rs' 
b'HTML injection (with XSS possible) on the https://www.data.gov/issue/ using media_url attribute'
15 Sep 2017 timeline
b'Automattic' disclosed a bug submitted by b'slavco' 
b'Unauthenticated RCE in Vaultpress'
15 Sep 2017 timeline
b'Ruby' disclosed a bug submitted by b'mame' 
b'Escape sequence injection vulnerability in WEBrick BasicAuth'
15 Sep 2017 timeline
b'Legal Robot' disclosed a bug submitted by b'hulskr' 
b'Profile fields validation mismatch'
15 Sep 2017 timeline
b'Legal Robot' disclosed a bug submitted by b'd4rk_g1rl' 
b'Futureoflife organization URL should be HTTPS'
15 Sep 2017 timeline
b'Weblate' disclosed a bug submitted by b'alyanwarr' 
b'No rate limit or captcha to identify humans'
15 Sep 2017 timeline
b'Legal Robot' disclosed a bug submitted by b'goodhackonly' 
b'2FA manual entry uses wrong encoding'
14 Sep 2017 timeline
b'Zomato' disclosed a bug submitted by b'0xamir' 
b'CSRF in the "Add restaurant picture" function'
14 Sep 2017 timeline
b'Legal Robot' disclosed a bug submitted by b'lov3_you' 
b'observer.com URL should HTTPS'
14 Sep 2017 timeline
b'TTS Bug Bounty' disclosed a bug submitted by b'swag01' 
b'Server Side Misconfiguration (EMAIL SPOOFING) '
14 Sep 2017 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'bobrov' 
b'[dev-nightly.ubnt.com] Local File Reading'
14 Sep 2017 timeline
b'VK.com' disclosed a bug submitted by b'lincoln9932' 
b'CSRF ????????? ???????? ?? ???????????? ??????? ??????.'
14 Sep 2017 timeline
b'Grabtaxi Holdings Pte Ltd' disclosed a bug submitted by b'paresh_parmar' 
b'Blind stored xss [parcel.grab.com] > name parameter '
14 Sep 2017 timeline
b'Grabtaxi Holdings Pte Ltd' disclosed a bug submitted by b'sp1d3rs' 
b'Private Grab Messages on Android App can be accessed and cached by Search Engines'
14 Sep 2017 timeline
b'Grabtaxi Holdings Pte Ltd' disclosed a bug submitted by b'sp1d3rs' 
b'Authorization bypass using login by phone option+horizontal escalation possible on Grab Android App'
14 Sep 2017 timeline
b'Cuvva' disclosed a bug submitted by b'leet-boy' 
b'No Notification Sent When Email Is Changed.'
13 Sep 2017 timeline
b'Grabtaxi Holdings Pte Ltd' disclosed a bug submitted by b'sp1d3rs' 
b'Two-factor authentication bypass on Grab Android App'
12 Sep 2017 timeline
1 ... 512 513 514 515 516 ... 738
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM