REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
55
b'ooooooo_q'
49
b'jon_bottarini'
49
b'haxta4ok00'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Ruby on Rails'
disclosed a bug submitted by
b'joernchen'
b'RCE due to Web Console IP Whitelist bypass in Rails 4.0 and 4.1'
16 Jun 2015
b'Ruby on Rails'
disclosed a bug submitted by
b'einstein_'
b'JSON keys are not properly escaped'
16 Jun 2015
b'Ruby on Rails'
disclosed a bug submitted by
b'mastahyeti'
b'rails-ujs will send CSRF tokens to other origins'
16 Jun 2015
b'Coinbase'
disclosed a bug submitted by
b'dia2diab'
b'Two-factor authentication (via SMS)'
16 Jun 2015
wont-fix
b'Twitter'
disclosed a bug submitted by
b'hussein98d'
b"Reporting user's profile by using another people's ID"
11 Jun 2015
b'concrete5'
disclosed a bug submitted by
b'egix'
b'SQL Injection Vulnerability in Concrete5 version 5.7.3.1'
11 Jun 2015
b'Shopify'
disclosed a bug submitted by
b'paulos_'
b'Header Misconfiguration - PHP API'
11 Jun 2015
b'LibSass'
disclosed a bug submitted by
b'richo'
b'type confusion in Sass::ParserState::ParserState(Sass::ParserState const&)'
11 Jun 2015
b'OpenSSL'
disclosed a bug submitted by
b'ctz'
b'Malformed ECParameters causes infinite loop'
11 Jun 2015
b'Coin.Space'
disclosed a bug submitted by
b'shubham'
b'SMTP protection not used'
10 Jun 2015
b'HackerOne'
disclosed a bug submitted by
b'ashesh'
b'Potential denial of service in hackerone.com/<program>/reward_settings'
10 Jun 2015
b'HackerOne'
disclosed a bug submitted by
b'ashesh'
b'mailto: link injection on https://hackerone.com/directory'
10 Jun 2015
b'Shopify'
disclosed a bug submitted by
b'bobrov'
b'[www.*.myshopify.com] CRLF Injection'
10 Jun 2015
b'Shopify'
disclosed a bug submitted by
b'4lemon'
b'Force 500 Internal Server Error on any shop (for one user)'
09 Jun 2015
b'Shopify'
disclosed a bug submitted by
b'killr0x33d'
b'XSS on support.shopify.com'
09 Jun 2015
b'Dropbox'
disclosed a bug submitted by
b'missoum1307'
b'XSS in dropbox main domain '
09 Jun 2015
b'Udemy'
disclosed a bug submitted by
b'mthirup'
b'teach.udemy.com log poison vulnerability through wordpress debug.log being publically available'
09 Jun 2015
b'Shopify'
disclosed a bug submitted by
b'nismo'
b'XSS in myshopify.com Admin site in TAX Overrides'
09 Jun 2015
b'MapLogin'
disclosed a bug submitted by
b'dia2diab'
b'Not Completed Accounts Take Over (Urgent bug)'
09 Jun 2015
b'HackerOne'
disclosed a bug submitted by
b'janpaul123'
b'Report title autocompletion'
08 Jun 2015
1
...
663
664
665
666
667
...
715
BY DENIS WERNER - @NOBBD -
IMPRESSUM