the unofficial HackerOne disclosure timeline.

X
b'WakaTime' disclosed a bug submitted by b'mrreboot' 
b'Missing SPF Flags'
01 Jul 2017 timeline
b'WakaTime' disclosed a bug submitted by b'gaurang' 
b'Mailgun misconfiguration '
01 Jul 2017 timeline
b'WakaTime' disclosed a bug submitted by b'pratyushjanghel' 
b'Session Not Expired On Logout'
01 Jul 2017 timeline
b'Starbucks' disclosed a bug submitted by b'kylecolson' 
b'Lack of Controls Allowing for Card and PIN Enumeration Leading to Fraud'
01 Jul 2017 timeline
b'Paragon Initiative Enterprises' disclosed a bug submitted by b'abdel-fattah-elsisi' 
b'[Critical] billion dollars issue'
30 Jun 2017 timeline
b'WordPress' disclosed a bug submitted by b'abdullah' 
b'CSRF to add admin [wordpress]'
30 Jun 2017 timeline
b'Stellar.org' disclosed a bug submitted by b'geeknik' 
b'heap-buffer-overflow (READ of size 1) in cpptoml::parser::consume_whitespace()'
30 Jun 2017 timeline
b'Zomato' disclosed a bug submitted by b'mrtuxracer' 
b'[book.zomato.com] Account Recover Plaintext Passwords'
30 Jun 2017 timeline
b'Zomato' disclosed a bug submitted by b'albinowax' 
b'CORS Misconfiguration on www.zomato.com'
30 Jun 2017 timeline
b'Zomato' disclosed a bug submitted by b'pabster' 
b'CSRF To Like/Unlike Photos'
30 Jun 2017 timeline
b'Zomato' disclosed a bug submitted by b'rasi-ras' 
b'xss found in zomato'
30 Jun 2017 timeline
b'GitLab' disclosed a bug submitted by b'pruby' 
b'Missing/Breach of Internal Security Boundary - Access to Job Queue Results in Remote Code Execution'
28 Jun 2017 timeline
b'Parrot Sec' disclosed a bug submitted by b'no_body_cares' 
b'http://lists.parrotsec.org vulnerable to MITM'
28 Jun 2017 timeline
b'Moneybird' disclosed a bug submitted by b'mattweidner' 
b'Webhook allows sending payload using insecure HTTP protocol'
28 Jun 2017 timeline
b'Weblate' disclosed a bug submitted by b'abiral' 
b'Captcha bypass at registration'
28 Jun 2017 timeline
b'Weblate' disclosed a bug submitted by b'abiral' 
b'Adding Email lacks Password validation'
28 Jun 2017 timeline
b'Uber' disclosed a bug submitted by b'temmyscript' 
b'deleting payment profile during active trip puts account into arrears but active trip is temporarily \xe2\x80\x9cfree\xe2\x80\x9d'
28 Jun 2017 timeline
b'Shopify' disclosed a bug submitted by b'bored-engineer' 
b'XSS on $shop$.myshopify.com/admin/ and partners.shopify.com via whitelist bypass in SVG icon for sales channel applications'
27 Jun 2017 timeline
b'Shopify' disclosed a bug submitted by b'yaworsk' 
b'API Webhooks Fire And Are Unlisted After Permissions Removed'
27 Jun 2017 timeline
b'Mixmax' disclosed a bug submitted by b'joshualaurencio' 
b'Improper parsing of input could lead to future XSS vulnerabilities in Sequences'
27 Jun 2017 timeline
1 ... 564 565 566 567 568 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM