REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
55
b'ooooooo_q'
49
b'jon_bottarini'
49
b'haxta4ok00'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Trello'
disclosed a bug submitted by
b'bobrov'
b'[trello.com] Open Redirect'
25 Sep 2016
b'Pornhub'
disclosed a bug submitted by
b'zephrfish'
b'[stored xss, pornhub.com] stream post function'
24 Sep 2016
b'Snapchat'
disclosed a bug submitted by
b'rubyroobs'
b'Incoming email hijacking on sc-cdn.net'
23 Sep 2016
b'Nextcloud'
disclosed a bug submitted by
b'i1ackerone'
b'Password Reset Link issue'
23 Sep 2016
b'VK.com'
disclosed a bug submitted by
b'abr1k0s'
b'DOM XSS ? /activation.php?act=activate_mobile'
22 Sep 2016
b'Shopify'
disclosed a bug submitted by
b'zombiehelp54'
b'Open redirect allows changing iframe content in *.myshopify.com/admin/themes/<id>/editor'
22 Sep 2016
b'OpenSSL'
disclosed a bug submitted by
b'nimia'
b"SSLv2 doesn't block disabled ciphers (CVE-2015-3197)"
21 Sep 2016
b'OpenSSL'
disclosed a bug submitted by
b'nimia'
b'Cross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800)'
21 Sep 2016
b'Instacart'
disclosed a bug submitted by
b'gorkhali'
b'[Critical] Subdomain Takeover'
20 Sep 2016
b'LocalTapiola'
disclosed a bug submitted by
b'nyymi'
b'Remote Code Execution in NovaStor NovaBACKUP DataCenter backup software (Hiback)'
20 Sep 2016
b'HackerOne'
disclosed a bug submitted by
b'geekboy'
b'Hacker.One Subdomain Takeover'
20 Sep 2016
b'Pornhub'
disclosed a bug submitted by
b'cyber-guard'
b'Unsecured Grafana instance'
20 Sep 2016
b'OpenSSL'
disclosed a bug submitted by
b'guido'
b'CVE-2016-2177 Undefined pointer arithmetic in SSL code'
20 Sep 2016
b'Python'
disclosed a bug submitted by
b'johnleitch'
b'msilib.OpenDatabase Type Confusion'
20 Sep 2016
b'Python'
disclosed a bug submitted by
b'nedw'
b'Type confusion in partial.setstate, partial_repr, partial_call leads to memory corruption, reliable control flow hijack'
20 Sep 2016
b'New Relic'
disclosed a bug submitted by
b'pewpew'
b'Login Open Redirect'
19 Sep 2016
b'Instacart'
disclosed a bug submitted by
b'cablej'
b'Brute force login and bypass locked account restrictions via iOS app'
19 Sep 2016
b'Shopify'
disclosed a bug submitted by
b'nismo'
b'XSS in SHOPIFY: Unsanitized Supplier Name can lead to XSS in Transfers Timeline'
19 Sep 2016
b'Shopify'
disclosed a bug submitted by
b'nismo'
b'Unsanitized Location Name in POS Channel can lead to XSS in Orders Timeline'
19 Sep 2016
b'Shopify'
disclosed a bug submitted by
b'ysx'
b'Access to Splunk via shard3-db2.ec2.shopify.com endpoint'
19 Sep 2016
1
...
588
589
590
591
592
...
715
BY DENIS WERNER - @NOBBD -
IMPRESSUM
