REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
bobrov
117
geeknik
79
linkks
75
sp1d3rs
68
jobert
64
someonenobbd
59
jon_bottarini
49
netfuzzer
48
haxta4ok00
48
ryat
47
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
Vimeo
disclosed a bug submitted by
geekboy
USER PRIVACY VIOLATED (PRIVATE DATA GETTING TRANSFER OVER INSECURE CHANNEL )
20 Jan 2015
wont-fix
PHP
disclosed a bug submitted by
endeavor
Free called on unitialized pointer in exif.c
20 Jan 2015
PHP
disclosed a bug submitted by
sesser
Use after free vulnerability in unserialize()
20 Jan 2015
Localize
disclosed a bug submitted by
pouya
PHP PDOException and Full Path Disclosure
18 Jan 2015
Revert
disclosed a bug submitted by
internetwache
Missing SPF header on revert.io
18 Jan 2015
QIWI
disclosed a bug submitted by
fishumu
Metadata in hosted files is disclosing Usernames, Printers, paths, admin guides. emails
18 Jan 2015
wont-fix
Openfolio
disclosed a bug submitted by
harshafriend4all
xss in /browse/contacts/
14 Jan 2015
Phabricator
disclosed a bug submitted by
nullsub
Phabricator Phame Blog Skins Local File Inclusion
14 Jan 2015
Informatica
disclosed a bug submitted by
dreamzz
Missing SPF for informatica.com
12 Jan 2015
wont-fix
Slack
disclosed a bug submitted by
fransrosen
Facebook Takeover using Slack using 302 from files.slack.com with access_token
11 Jan 2015
Mail.Ru
disclosed a bug submitted by
4lemon
Stored XSS on http://top.mail.ru
10 Jan 2015
Phabricator
disclosed a bug submitted by
nullsub
Phabricator Diffusion application allows unauthorized users to delete mirrors
09 Jan 2015
Vimeo
disclosed a bug submitted by
artem
APIs for channels allow HTML entities that may cause XSS issue
08 Jan 2015
The Internet
disclosed a bug submitted by
isciurus
libcurl: URL request injection
08 Jan 2015
Twitter
disclosed a bug submitted by
sappi
No rate limiting on creating lists
06 Jan 2015
wont-fix
Twitter
disclosed a bug submitted by
batuhan
Notifications can mark as read by CSRF
03 Jan 2015
wont-fix
Uzbey LLC
disclosed a bug submitted by
anonymous_india
Suck My Motherfucking Dick
01 Jan 2015
wont-fix
Block.io
disclosed a bug submitted by
shivathegame
Bypassed or command injection
01 Jan 2015
wont-fix
Twitter
disclosed a bug submitted by
shivathegame
Homograph attack.
01 Jan 2015
wont-fix
Twitter
disclosed a bug submitted by
missoum1307
URGENT - Subdomain Takeover on users.tweetdeck.com , the same issue of report #32825
01 Jan 2015
1
...
570
571
572
573
574
...
608
BY DENIS WERNER - @NOBBD -
IMPRESSUM