REPORTS
PROGRAMS
PUBLISHERS
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
Basecamp
disclosed a bug submitted by
thwin_htet
Stored XSS on trix editor version 2.1.1
04 Nov 2024
MTN Group
disclosed a bug submitted by
haythem02
Social media account takeover
03 Nov 2024
ProductBoard, Inc.
disclosed a bug submitted by
mous_haxk
Insecure Invitation Link Handling
31 Oct 2024
Acronis
disclosed a bug submitted by
regexr
Bypassing Recaptcha Protection in `https://connect.acronis.com`
30 Oct 2024
Acronis
disclosed a bug submitted by
mubassirpatel
Blind XSS on admin.acronis.com via delete account form on account.acronis.com
30 Oct 2024
Internet Bug Bounty
disclosed a bug submitted by
dwisiswant0
ReDoS Vulnerability in HTTP Accept Headers Parsing
30 Oct 2024
HackerOne
disclosed a bug submitted by
akashhamal0x01
Bypassing HackerOne 2FA due to race condition
30 Oct 2024
MetaMask
disclosed a bug submitted by
pkkr
Missing Line Terminator on allowedOrigins enables origin spoofing
29 Oct 2024
Mozilla
disclosed a bug submitted by
hackeriron1
#2 CSRF to Information disclosure on password cancel endpoint
29 Oct 2024
U.S. Dept Of Defense
disclosed a bug submitted by
hypervis0r
Lack of rate limiting in https:///PKI/PassReset.aspx leads to PII disclosure and potential account takeover
25 Oct 2024
U.S. Dept Of Defense
disclosed a bug submitted by
0xym
Unauthenticated LFI (Local File Inclusion) using the symbol `!` At the target `https:///`
25 Oct 2024
U.S. Dept Of Defense
disclosed a bug submitted by
k0x
SQL Injection
25 Oct 2024
U.S. Dept Of Defense
disclosed a bug submitted by
exploitmsf
CVE-2020-7961 RCE Liferay Portal Unauthenticated via https:///
25 Oct 2024
U.S. Dept Of Defense
disclosed a bug submitted by
badlifeguard
Pull Any Automated Record Brief
25 Oct 2024
U.S. Dept Of Defense
disclosed a bug submitted by
badlifeguard
SSN/EDPI
25 Oct 2024
Hyperledger
disclosed a bug submitted by
hackergandhi
Memory Leak in bytes_to_hexstring Function
24 Oct 2024
AWS VDP
disclosed a bug submitted by
necr0mancer
Information Disclosure Due To exposed .env file (Directory Listing) at
22 Oct 2024
Endless Group
disclosed a bug submitted by
seqode
Weak Password Policy via DirectAdmin Password Change Functionality
22 Oct 2024
MTN Group
disclosed a bug submitted by
mathara
Reflected - XSS
21 Oct 2024
MTN Group
disclosed a bug submitted by
mathara
No rate limit in OTP code sending
21 Oct 2024
1
...
56
57
58
59
60
...
831
BY DENIS WERNER - @NOBBD -
IMPRESSUM