REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
bobrov
117
geeknik
79
linkks
75
sp1d3rs
68
jobert
66
someonenobbd
60
jon_bottarini
49
netfuzzer
48
haxta4ok00
48
ryat
47
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
IRCCloud
disclosed a bug submitted by
robin
HTML Form without CSRF protection
14 May 2014
IRCCloud
disclosed a bug submitted by
internetwache
CSRF - Creating accounts
14 May 2014
IRCCloud
disclosed a bug submitted by
reporter
Dangerous Persistent xss
13 May 2014
IRCCloud
disclosed a bug submitted by
ashesh
"SESSION" Cookie without HttpOnly flag set
11 May 2014
wont-fix
Localize
disclosed a bug submitted by
reactors08
XSS in password
11 May 2014
ReddAPI
disclosed a bug submitted by
simon90
Login page password-guessing attack
09 May 2014
Khan Academy
disclosed a bug submitted by
internetwache
Possible clickjacking at shop.khanacademy.org
08 May 2014
wont-fix
Khan Academy
disclosed a bug submitted by
internetwache
CSRF - Adding/Removing items to cart - shop.khanacademy.org
08 May 2014
wont-fix
C2FO
disclosed a bug submitted by
exploitprotocol
c2fo.com is releasing sensitive Information about Database Configuration.
08 May 2014
Yahoo!
disclosed a bug submitted by
jeroldcamacho
XSS Vulnerability (my.yahoo.com)
07 May 2014
Coinbase
disclosed a bug submitted by
bryanstern
Coinbase Android Security Vulnerabilities
07 May 2014
CloudFlare
disclosed a bug submitted by
peterjaric
Security issue with your "bag" script
07 May 2014
InVision
disclosed a bug submitted by
xss
Found a Clickjacking in blog.invisionapp.com.
04 May 2014
Slack
disclosed a bug submitted by
prakharprasad
Stored XSS in Slackbot Direct Messages
04 May 2014
Coinbase
disclosed a bug submitted by
mazen160
Information Disclosure That shows the webroot of CoinBase Server
04 May 2014
wont-fix
OkCupid
disclosed a bug submitted by
smiegles
Login destination open redirection
01 May 2014
concrete5
disclosed a bug submitted by
introvertmac
Bypass auth.email-domains
30 Apr 2014
Coinbase
disclosed a bug submitted by
smilez_hapiez
Cookie missing the HttpOnly flag
30 Apr 2014
wont-fix
Coinbase
disclosed a bug submitted by
smilez_hapiez
IFRAME loaded from External Domains
30 Apr 2014
wont-fix
OkCupid
disclosed a bug submitted by
virii
Reflected XSS on www.okcupid.com/signup
30 Apr 2014
1
...
615
616
617
618
619
...
628
BY DENIS WERNER - @NOBBD -
IMPRESSUM
