REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
81
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
60
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Trello'
disclosed a bug submitted by
b'kartik1202'
b'Rate limiting of incorrect Two Factor Authentication codes not enforced'
04 Apr 2017
b'Souq.com'
disclosed a bug submitted by
b'mohammedalsaggaf'
b'reflected xss on search bar (uae.souq.com)'
04 Apr 2017
b'Phabricator'
disclosed a bug submitted by
b'kevin_c'
b'An unsafe design practice in the Passphrase may result in Secret being accidentally changed.'
04 Apr 2017
b'shopify-scripts'
disclosed a bug submitted by
b'ssarong'
b'Heap Buffer Overflow while processing OP_SEND'
03 Apr 2017
b'shopify-scripts'
disclosed a bug submitted by
b'ssarong'
b"Null pointer dereference in 'get_file'"
03 Apr 2017
b'shopify-scripts'
disclosed a bug submitted by
b'ssarong'
b'Invalid Pointer Reference from OP_RESCUE'
03 Apr 2017
b'Ubiquiti Networks'
disclosed a bug submitted by
b'jerusha'
b'Content Spoofing or Text Injection in (403 forbidden page injection) and Nginx version disclosure via response header'
03 Apr 2017
b'Twitter'
disclosed a bug submitted by
b'filedescriptor'
b'DOMXSS in Tweetdeck'
02 Apr 2017
b'Twitter'
disclosed a bug submitted by
b'yaworsk'
b'niche s3 buckets are readable/writeable/deleteable by authorized AWS users'
02 Apr 2017
b'shopify-scripts'
disclosed a bug submitted by
b'dgaletic'
b'Use-after-free leading to an invalid pointer dereference'
02 Apr 2017
b'QIWI'
disclosed a bug submitted by
b'bobrov'
b'[qiwi.com] Information Disclosure'
31 Mar 2017
b'Algolia'
disclosed a bug submitted by
b'bobrov'
b'[github.algolia.com] DOM Based XSS github-btn.html'
31 Mar 2017
b'Ubiquiti Networks'
disclosed a bug submitted by
b'bobrov'
b'[account-global.ubnt.com] CRLF Injection'
31 Mar 2017
b'Quora'
disclosed a bug submitted by
b'bobrov'
b'[controlsyou.quora.com] 429 Too Many Requests Error-Page XSS'
31 Mar 2017
b'Gratipay'
disclosed a bug submitted by
b'a0xnirudh'
b'Content length restriction bypass can lead to DOS by reading large files on gip.rocks'
31 Mar 2017
b'Gratipay'
disclosed a bug submitted by
b'a0xnirudh'
b'HTTP trace method is enabled on aspen.io'
31 Mar 2017
b'Ubiquiti Networks'
disclosed a bug submitted by
b'linkks'
b'sqli'
31 Mar 2017
b'Maximum'
disclosed a bug submitted by
b'linkks'
b'RC4 cipher suites detected'
31 Mar 2017
b'Maximum'
disclosed a bug submitted by
b'linkks'
b'SSL certificate invalid date'
31 Mar 2017
b'Maximum'
disclosed a bug submitted by
b'linkks'
b'Application error message'
31 Mar 2017
1
...
560
561
562
563
564
...
733
BY DENIS WERNER - @NOBBD -
IMPRESSUM