Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'67 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Uber' disclosed a bug submitted by b'temmyscript' 
b'Changing paymentProfileUuid when booking a trip allows free rides'
15 Sep 2016 timeline
b'Instacart' disclosed a bug submitted by b'trad_zero_h' 
b'CSRF To change Email Notification Settings '
15 Sep 2016 timeline
b'Instacart' disclosed a bug submitted by b'cablej' 
b'API OAuth Public Key disclosure in mobile app'
15 Sep 2016 timeline
b'Slack' disclosed a bug submitted by b'jblandino' 
b'Generate new Test token'
15 Sep 2016 timeline
b'Slack' disclosed a bug submitted by b'jobert' 
b'User can start call in a channel of an unpaid account'
15 Sep 2016 timeline
b'HackerOne' disclosed a bug submitted by b'ayoubfathi' 
b'Ability to enumerate private programs using SAML'
14 Sep 2016 timeline
b'Coinbase' disclosed a bug submitted by b'agarri_fr' 
b'Blacklist bypass on Callback URLs'
14 Sep 2016 timeline
b'Slack' disclosed a bug submitted by b'agarri_fr' 
b'Bypass of the SSRF protection (Slack commands, Phabricator integration)'
14 Sep 2016 timeline
b'APITest.IO' disclosed a bug submitted by b'agarri_fr' 
b'SSRF on testing endpoint'
14 Sep 2016 timeline
b'Slack' disclosed a bug submitted by b'uranium238' 
b'Snooping into messages via email service'
14 Sep 2016 timeline
b'Uber' disclosed a bug submitted by b'uranium238' 
b'Reading Emails in Uber Subdomains'
14 Sep 2016 timeline
b'Zomato' disclosed a bug submitted by b'mr__robot' 
b'CSRF AT INVITING PEOPLE THOUGH PHONE NUMBER'
14 Sep 2016 timeline
b'GoCD' disclosed a bug submitted by b'mr__robot' 
b'Directory Listening'
14 Sep 2016 timeline
b'Vimeo' disclosed a bug submitted by b'opnsec' 
b'XSS in Subtitles of Vimeo Flash Player and Hubnut '
14 Sep 2016 timeline
b'Boozt Fashion AB' disclosed a bug submitted by b'hacking79' 
b'XSS'
14 Sep 2016 timeline
b'OLX' disclosed a bug submitted by b'surajsp' 
b'these are my old reports and still i have not receive any good replys, these all are Cross Site Scripting(XSS) issues: POC1: https://www.youtube.com/w'
14 Sep 2016 timeline
b'Coursera' disclosed a bug submitted by b'secalert' 
b'XSS in https://www.coursera.org/courses/'
14 Sep 2016 timeline
b'Boozt Fashion AB' disclosed a bug submitted by b'zephrfish' 
b'Instance of Apache Vulnerable to Several Issues'
14 Sep 2016 timeline
b'Bime' disclosed a bug submitted by b'agarri_fr' 
b'SSRF in the Connector Designer (REST and Elastic Search)'
14 Sep 2016 timeline
b'Bime' disclosed a bug submitted by b'agarri_fr' 
b'The JDBC driver used by the Vertica connector allows to create files on the backends'
14 Sep 2016 timeline
1 ... 637 638 639 640 641 ... 762
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM