REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
81
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
58
b'ooooooo_q'
52
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Nextcloud'
disclosed a bug submitted by
b'spetr0x'
b'Unauthenticated Stored xss '
13 Sep 2016
b'Instacart'
disclosed a bug submitted by
b'sameoldstory'
b"Fetch private list metadata and any user's personal name"
12 Sep 2016
b'Instacart'
disclosed a bug submitted by
b'corb3nik'
b'Hyperlink Injection in Friend Invitation Emails'
12 Sep 2016
b'Instacart'
disclosed a bug submitted by
b'cablej'
b'Missing rel=noreferrer tag allows link in list to change url of currently open tab'
12 Sep 2016
b'Instacart'
disclosed a bug submitted by
b'mefkan'
b'Image Upload Path Disclosure'
12 Sep 2016
b'Legal Robot'
disclosed a bug submitted by
b'cablej'
b'User Information sent to client through websockets'
12 Sep 2016
b'Legal Robot'
disclosed a bug submitted by
b'cablej'
b'User Information leak allows user to bypass email verification.'
12 Sep 2016
b'Pornhub'
disclosed a bug submitted by
b'zephrfish'
b'[crossdomain.xml] Dangerous Flash Cross-Domain Policy'
12 Sep 2016
b'Instacart'
disclosed a bug submitted by
b'cablej'
b'Race Condition in Redeeming Coupons'
12 Sep 2016
b'Instacart'
disclosed a bug submitted by
b'clarck-owen'
b'Host Header Injection/Redirection in: https://www.instacart.com/'
11 Sep 2016
b'Harvest'
disclosed a bug submitted by
b'eboda'
b'Stored XSS on invoice, executing on any subdomain'
10 Sep 2016
b'Harvest'
disclosed a bug submitted by
b'eboda'
b'S3 bucket takeover due to proxy.harvestfiles.com'
10 Sep 2016
b'Boozt Fashion AB'
disclosed a bug submitted by
b'r4hul-ch'
b'No csrf protection on logout'
10 Sep 2016
b'Boozt Fashion AB'
disclosed a bug submitted by
b'm726a786'
b'User Enumeration. '
10 Sep 2016
b'Harvest'
disclosed a bug submitted by
b'0xamir'
b'Users enumeration is possible through cycling through recurring[client_id] argument value.'
10 Sep 2016
b'Mail.Ru'
disclosed a bug submitted by
b'ahsantahir'
b"[cfire.mail.ru] CSRF Bypassed - Changing anyone's 'User Info'"
09 Sep 2016
b'Veris'
disclosed a bug submitted by
b'xenon'
b'[XSS] sandbox.veris.in'
09 Sep 2016
b'Legal Robot'
disclosed a bug submitted by
b'paramdham'
b'CSRF'
09 Sep 2016
b'Instacart'
disclosed a bug submitted by
b's44mux'
b'Stored XSS'
09 Sep 2016
b'Uber'
disclosed a bug submitted by
b'apara'
b'Bulk UUID enumeration via invite codes'
08 Sep 2016
1
...
607
608
609
610
611
...
731
BY DENIS WERNER - @NOBBD -
IMPRESSUM
