REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Nextcloud'
disclosed a bug submitted by
b'cyber-tech'
b'xmlrpc.php &wp-cron.php files are enabled, and will used for (DDOS),(DOS) and broutforce users attack.'
08 Feb 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'mukeran'
b'Request Smuggling in Apache Tomcat (Important, CVE-2023-45648)'
07 Feb 2024
b'IBM'
disclosed a bug submitted by
b'ibrahimsyam1'
b'IBM Maximo Asset Management could allow a remote attacker to bypass authentication due to improper access controls'
06 Feb 2024
b'Reddit'
disclosed a bug submitted by
b'ahmed-abdo'
b'Infromation Disclosure To Use of Hard-coded Cryptographic Key'
06 Feb 2024
b'Mars'
disclosed a bug submitted by
b'dr34m14'
b'CSRF to delete a pet on '
05 Feb 2024
b'HackerOne'
disclosed a bug submitted by
b'resett3r'
b'Account creation with invalid email addresses / email is accepting % and %0d%0a line termination chars'
04 Feb 2024
b'HackerOne'
disclosed a bug submitted by
b'0xacb'
b'HackerOne SAML signup domain enforcement bypass results in unauthorized access to HackerOne PullRequest organization'
04 Feb 2024
b'Mozilla Core Services'
disclosed a bug submitted by
b'd0xing'
b'Subdomain takeover on one of the subdomain under mozaws.net'
03 Feb 2024
b'Trellix'
disclosed a bug submitted by
b'cyb3r_assass1n'
b'Vulnerability Report: NO RATE LIMIT Password RESET'
02 Feb 2024
b'Trellix'
disclosed a bug submitted by
b'forcedrofes'
b'default credentials at https://52.42.105.71/'
01 Feb 2024
b'SideFX'
disclosed a bug submitted by
b'harshniture12'
b"Port 587 SMPT Open: Can send any mail remotely from the internal mail users to company mail id's."
01 Feb 2024
b'Infogram'
disclosed a bug submitted by
b'mr_r3boot'
b'Memory Corruption via Large Pixels'
01 Feb 2024
b'DuckDuckGo'
disclosed a bug submitted by
b'mr_r3boot'
b'XSS in Subdomain of DuckDuckGo'
01 Feb 2024
b'Publitas'
disclosed a bug submitted by
b'2k_hacker'
b'CORS Misconfiguration on '
31 Jan 2024
b'curl'
disclosed a bug submitted by
b'kurohiro'
b'CVE-2024-0853: OCSP verification bypass with TLS session reuse'
31 Jan 2024
b'Mars'
disclosed a bug submitted by
b'skoll101'
b'Critical Unauthenticated Access to Sensitive Employee and Customer Data Including Invoice Details at '
30 Jan 2024
b'Mars'
disclosed a bug submitted by
b'themarkib0x0'
b'No CSRF protection when adding an item to cart'
30 Jan 2024
b'Mars'
disclosed a bug submitted by
b'xandsz'
b'IDOR to account takeover on POST to by changing member_id parameter'
30 Jan 2024
b'Mars'
disclosed a bug submitted by
b'm3ntor'
b'Sensitive Information Exposed at '
30 Jan 2024
b'Mozilla Critical Services'
disclosed a bug submitted by
b'supr4s'
b'SQL Injection on prod.oidc-proxy.prod.webservices.mozgcp.net via invite_code parameter - Mozilla social inscription'
30 Jan 2024
1
...
5
6
7
8
9
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM