REPORTS
PROGRAMS
PUBLISHERS
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Pornhub'
disclosed a bug submitted by
b'zephrfish'
b'PornIQ Reflected Cross-Site Scripting'
22 Jun 2016
b'Mail.Ru'
disclosed a bug submitted by
b'samidrif'
b'Code source discloure & ability to get database information "SQL injection" in [townwars.mail.ru]'
22 Jun 2016
b'Romit'
disclosed a bug submitted by
b'eboda'
b'Session Fixation'
22 Jun 2016
b'Nextcloud'
disclosed a bug submitted by
b'japongskie'
b'No Rate Limiting on stats.nextcloud.com login'
22 Jun 2016
b'Zomato'
disclosed a bug submitted by
b'dejavuln'
b'Instagram OAuth2 Implementation Leaks Access Token; Allows for Cross-Site Script Inclusion (XSSI)'
22 Jun 2016
b'Nextcloud'
disclosed a bug submitted by
b'vivek_patil'
b'WordPress Vulnerabilities: User Enumeration, Vulnerable Akismet Plugin, XML-RPC Interface available'
22 Jun 2016
b'Slack'
disclosed a bug submitted by
b'mkbb'
b'Unauthenticated Access to some old file thumbnails '
21 Jun 2016
b'HackerOne'
disclosed a bug submitted by
b'jthetechguy'
b'All information is not removed from published reports'
21 Jun 2016
b'Nextcloud'
disclosed a bug submitted by
b'armfox97'
b'Deny access to download.nextcloud.com + folders'
21 Jun 2016
b'Shopify'
disclosed a bug submitted by
b'ksaurabh'
b'Fetching external resources through svg images'
21 Jun 2016
b'Ruby'
disclosed a bug submitted by
b'guido'
b'Heap corruption in string.c tr_trans() due to undersized buffer'
21 Jun 2016
b'Ruby'
disclosed a bug submitted by
b'guido'
b'Heap corruption in DateTime.strftime() on 32 bit for certain format strings'
21 Jun 2016
b'Ruby'
disclosed a bug submitted by
b'guido'
b'StringIO strio_getline() can divulge arbitrary memory'
21 Jun 2016
b'Nextcloud'
disclosed a bug submitted by
b'bugdiscloseguy'
b'Email ID Disclosure.'
20 Jun 2016
b'Nextcloud'
disclosed a bug submitted by
b'johnd'
b'No rate limiting on password protected shared file link'
20 Jun 2016
b'Nextcloud'
disclosed a bug submitted by
b'gaurang'
b'No permission set on Activities [Android App]'
20 Jun 2016
b'Ubiquiti Networks'
disclosed a bug submitted by
b'ebrietas'
b'Source code disclosure on https://107.23.69.180'
20 Jun 2016
b'Ubiquiti Networks'
disclosed a bug submitted by
b'shubham'
b'CSRF in login form would led to account takeover'
20 Jun 2016
b'Mail.Ru'
disclosed a bug submitted by
b'cyberpunkych'
b'?????? ?????????? ????? JSONP (XXSI)'
20 Jun 2016
b'Mail.Ru'
disclosed a bug submitted by
b'isox'
b'bgplay.mail.ru'
20 Jun 2016
1
...
666
667
668
669
670
...
770
BY DENIS WERNER - @NOBBD -
IMPRESSUM