REPORTS
PROGRAMS
PUBLISHERS
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Harvest'
disclosed a bug submitted by
b'vagg-a-bond'
b'Project Disclosure of all Harvest Instances'
01 Nov 2016
b'Slack'
disclosed a bug submitted by
b'procode701'
b'Email information leakage for certain addresses'
31 Oct 2016
b'Boozt Fashion AB'
disclosed a bug submitted by
b'inhibitor181'
b"Make victim buy in attacker's account without any idea - http://www.booztlet.com/"
31 Oct 2016
b'Paragon Initiative Enterprises'
disclosed a bug submitted by
b'hextitan'
b'[Airship CMS] Local File Inclusion - RST Parser'
31 Oct 2016
b'Nextcloud'
disclosed a bug submitted by
b'ahsantahir'
b'Content spoofing due to the improper behavior of the 403 page in Private Server'
31 Oct 2016
b'Harvest'
disclosed a bug submitted by
b'eboda'
b'Invoices can be added to any retainers - even closs-platform'
29 Oct 2016
b'Zaption'
disclosed a bug submitted by
b'bobrov'
b'[zaption.com] Open Redirect'
29 Oct 2016
b'C2FO'
disclosed a bug submitted by
b'bobrov'
b'[admin.c2fo.com] Open Redirect'
29 Oct 2016
b'Legal Robot'
disclosed a bug submitted by
b'japzdivino'
b'Bypass 8 chars password complexity with 6 chars only due to insecure password reset functionaliy'
29 Oct 2016
b'HackerOne'
disclosed a bug submitted by
b'staytuned'
b'Information disclosure via policy update notifications after removal from program'
29 Oct 2016
b'Whisper'
disclosed a bug submitted by
b'shhnjk'
b'Missing DMARC record'
28 Oct 2016
b'Pornhub'
disclosed a bug submitted by
b'cyber-guard'
b'Disclosure of private photos/albums - http://www.pornhub.com/album/show_image_box'
28 Oct 2016
b'GitLab'
disclosed a bug submitted by
b'yaworsk'
b'Insecure 2FA/authentication implementation creates a brute force vulnerability'
28 Oct 2016
b'Automattic'
disclosed a bug submitted by
b'bobrov'
b'Follow Button XSS'
28 Oct 2016
b'OLX'
disclosed a bug submitted by
b'hogarth45'
b'Reflective XSS at m.olx.ph'
28 Oct 2016
b'Yelp'
disclosed a bug submitted by
b'vinesh1989'
b'Requesting Show CheckIn Alert for Non Friend User'
27 Oct 2016
b'Yelp'
disclosed a bug submitted by
b'badagent'
b'Verification of E-Mail address possible on https://biz.yelp.com/login and https://biz.yelp.com/forgot'
27 Oct 2016
b'Open-Xchange'
disclosed a bug submitted by
b'dejavuln'
b'OX (Guard): Stored Cross-Site Scripting via Incoming Email'
27 Oct 2016
b'HackerOne'
disclosed a bug submitted by
b'whhackersbr'
b'(HackerOne SSO-SAML) Login CSRF, Open Redirect, and Self-XSS Possible Exploitation'
27 Oct 2016
b'Zopim'
disclosed a bug submitted by
b'bobrov'
b'[status.zopim.com] Open Redirect'
26 Oct 2016
1
...
634
635
636
637
638
...
770
BY DENIS WERNER - @NOBBD -
IMPRESSUM