REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
bobrov
117
geeknik
79
linkks
75
sp1d3rs
68
jobert
67
someonenobbd
60
jon_bottarini
49
haxta4ok00
48
netfuzzer
48
ryat
47
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
Binary.com
disclosed a bug submitted by
karimrahal
Email Verification Link can be Used as Password Reset Link!
03 Dec 2015
Shopify
disclosed a bug submitted by
zombiehelp54
[CSRF] Activate PayPal Express Checkout
03 Dec 2015
Shopify
disclosed a bug submitted by
cj71f
XSS in creating tweets
03 Dec 2015
Twitter
disclosed a bug submitted by
ericr
Following a User Actually Follows Another User
02 Dec 2015
HackerOne
disclosed a bug submitted by
harisec
HTTP header injection in info.hackerone.com allows setting cookies for hackerone.com
02 Dec 2015
HackerOne
disclosed a bug submitted by
abhisheksingh
Hackerone impersonation
02 Dec 2015
Twitter
disclosed a bug submitted by
ericr
Following a User After Favoriting Actually Follows Another User (related to #95243)
02 Dec 2015
HackerOne
disclosed a bug submitted by
smiegles
profile cover can also load external URL's
02 Dec 2015
HackerOne
disclosed a bug submitted by
harshafriend4all
Limited CSRF bypass.
02 Dec 2015
HackerOne
disclosed a bug submitted by
danlec
Pre-generation of 2FA secret/backup codes seems like an unnecessary risk
02 Dec 2015
Coinbase
disclosed a bug submitted by
androm3da
iframes considered harmful
01 Dec 2015
Coinbase
disclosed a bug submitted by
paresh_parmar
OAUTH pemission set as true= lead to authorize malicious application
01 Dec 2015
Mail.Ru
disclosed a bug submitted by
bigbear_
[api.allodsteam.com] Authentication Data
01 Dec 2015
Shopify
disclosed a bug submitted by
zombiehelp54
CSV Excel Macro Injection Vulnerability in export list of current users - app.shopify.com
01 Dec 2015
Shopify
disclosed a bug submitted by
jurajk
Cookie securing your "Opening soon" store is not secured against XSS
01 Dec 2015
Vimeo
disclosed a bug submitted by
esevece
Stored XSS on vimeo.com and player.vimeo.com
30 Nov 2015
itBit Exchange
disclosed a bug submitted by
behroz
user-agent Content spoofing
28 Nov 2015
Romit
disclosed a bug submitted by
crab
No rate limit which leads to "Users information Disclosure" including verfification documents etc.
27 Nov 2015
Romit
disclosed a bug submitted by
crab
GA code not verified on the server side allows sending Verification Documents on behalf of another user
27 Nov 2015
Romit
disclosed a bug submitted by
crab
IDOR on remoing Share
27 Nov 2015
1
...
566
567
568
569
570
...
637
BY DENIS WERNER - @NOBBD -
IMPRESSUM
