REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
55
b'ooooooo_q'
49
b'jon_bottarini'
49
b'haxta4ok00'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Dropbox'
disclosed a bug submitted by
b'franjkovic'
b'Race condition when redeeming coupon codes'
11 May 2015
b'HackerOne'
disclosed a bug submitted by
b'vathsa'
b'Content Spoofing - External Link Warning Page'
11 May 2015
b'HackerOne'
disclosed a bug submitted by
b'prakharprasad'
b'Enumeration/Guess of Private (Invited) Programs'
09 May 2015
b'Adobe'
disclosed a bug submitted by
b'vathsa'
b"Reflected Cross Site Scripting - 'puser' Parameter in login page"
09 May 2015
b'Factlink'
disclosed a bug submitted by
b'rmashhoon'
b'Frameset Proxy Problem'
09 May 2015
wont-fix
b'Faceless'
disclosed a bug submitted by
b'dragonfire_inc'
b'Bypass Setup by External Activity Invoke'
09 May 2015
b'HackerOne'
disclosed a bug submitted by
b'atom'
b'Making any Report Failed to load'
09 May 2015
b'HackerOne'
disclosed a bug submitted by
b'atom'
b'Homograph Attack'
09 May 2015
b'HackerOne'
disclosed a bug submitted by
b'filedescriptor'
b'Homograph attack'
09 May 2015
b'HackerOne'
disclosed a bug submitted by
b'killr0x33d'
b'Fake URL + Additional vectors for homograph attack'
09 May 2015
b'Twitter'
disclosed a bug submitted by
b'anshuman_bh'
b'Unauthorized Tweeting on behalf of Account Owners'
07 May 2015
b'Flash'
disclosed a bug submitted by
b'irsdl'
b'Flash Cross Domain Policy Bypass by Using File Upload and Redirection - only in Chrome'
06 May 2015
b'HackerOne'
disclosed a bug submitted by
b'leander'
b'(lack of) smtp transport layer security'
05 May 2015
wont-fix
b'Slack'
disclosed a bug submitted by
b'uttam5oren'
b'Logout any user of same team'
05 May 2015
b'Shopify'
disclosed a bug submitted by
b'zerohat'
b'Content Spoofing'
05 May 2015
b'Twitter'
disclosed a bug submitted by
b'bobrov'
b'[mobile.twitter.com / twitter.com] CSRF protection bypass'
04 May 2015
b'Twitter'
disclosed a bug submitted by
b'batuhan'
b'Twitter Card - Parent Window Redirection'
04 May 2015
b'Vimeo'
disclosed a bug submitted by
b'reeth'
b'Insecure Direct Object References in https://vimeo.com/forums'
04 May 2015
b'Vimeo'
disclosed a bug submitted by
b'reeth'
b'Insecure Direct Object References that allows to read any comment (even if it should be private)'
04 May 2015
b'Twitter'
disclosed a bug submitted by
b'filedescriptor'
b'HTTP Response Splitting (CRLF injection) due to headers overflow'
04 May 2015
1
...
665
666
667
668
669
...
713
BY DENIS WERNER - @NOBBD -
IMPRESSUM