REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
bobrov
117
geeknik
79
linkks
75
sp1d3rs
68
jobert
67
someonenobbd
60
jon_bottarini
49
haxta4ok00
48
netfuzzer
48
ryat
47
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
Phabricator
disclosed a bug submitted by
tunnelshade
Abusing daemon logs for Privilege escalation under certain scenarios
18 Jun 2014
FanFootage
disclosed a bug submitted by
shubham
Session Token is not Verified while changing Account Setting's which Result In account Takeover
14 Jun 2014
IRCCloud
disclosed a bug submitted by
gunda
Log Out Cross site Request Forgery
13 Jun 2014
Coin.co
disclosed a bug submitted by
anshuman_bh
Coin.co Admin interface accessible externally
13 Jun 2014
wont-fix
Phabricator
disclosed a bug submitted by
tunnelshade
Abusing VCS control on phabricator
13 Jun 2014
HackerOne
disclosed a bug submitted by
siddiki
Adding an user email address to the list before confirming.
11 Jun 2014
wont-fix
Minr.es
disclosed a bug submitted by
nahamsec
readable .htaccess
11 Jun 2014
Mail.Ru
disclosed a bug submitted by
siddiki
No CSRF token used in Phone Verification POST
11 Jun 2014
wont-fix
Ian Dunn
disclosed a bug submitted by
siddiki
PHP and Wordpress version disclosure
11 Jun 2014
wont-fix
RelateIQ
disclosed a bug submitted by
siddiki
Old Sessions remain valid after the password change.
11 Jun 2014
wont-fix
OkCupid
disclosed a bug submitted by
quistertow
XSS - okcupid.com
10 Jun 2014
Factlink
disclosed a bug submitted by
robin
Url Redirection
10 Jun 2014
wont-fix
HackerOne
disclosed a bug submitted by
guido
Session not invalidated after password reset
10 Jun 2014
concrete5
disclosed a bug submitted by
smiegles
/index.php/dashboard/sitemap/explore/ Cross-site scripting
09 Jun 2014
concrete5
disclosed a bug submitted by
smiegles
dashboard/pages/types [Unknown column 'Array' in 'where clause'] disclosure.
09 Jun 2014
concrete5
disclosed a bug submitted by
smiegles
CONCRETE5 - path disclosure.
09 Jun 2014
Secret
disclosed a bug submitted by
siddiki
Login CSRF in Secret.ly
09 Jun 2014
Yahoo!
disclosed a bug submitted by
joserabal
Bypass of the Clickjacking protection on Flickr using data URL in iframes
06 Jun 2014
Coinbase
disclosed a bug submitted by
ryancollins
2 factor authentication design flaw
06 Jun 2014
Mail.Ru
disclosed a bug submitted by
mlik120
Clickjacking
06 Jun 2014
1
...
619
620
621
622
623
...
637
BY DENIS WERNER - @NOBBD -
IMPRESSUM
