REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Mobile Vikings'
disclosed a bug submitted by
b'4lemon'
b'Reflected xss in user name thru cookie'
04 Mar 2015
b'Mobile Vikings'
disclosed a bug submitted by
b'4lemon'
b'Stored xss in user name'
04 Mar 2015
wont-fix
b'Mobile Vikings'
disclosed a bug submitted by
b'4lemon'
b'Stored xss in user name (2) affected another user.'
04 Mar 2015
b'Mobile Vikings'
disclosed a bug submitted by
b'4lemon'
b'Username and sim id enum'
04 Mar 2015
wont-fix
b'Mobile Vikings'
disclosed a bug submitted by
b'4lemon'
b'Approve topup method by sender of this method'
04 Mar 2015
b'PHP'
disclosed a bug submitted by
b'andreapalazzo'
b"SoapClient's __call() type confusion through unserialize()"
03 Mar 2015
b'Vimeo'
disclosed a bug submitted by
b'fin1te'
b'Ability to Download Music Tracks Without Paying (Missing permission check on`/musicstore/download`)'
01 Mar 2015
b'The Internet'
disclosed a bug submitted by
b'dirtybit'
b'Bad Write in TTF font parsing (win32k.sys)'
01 Mar 2015
b'Vimeo'
disclosed a bug submitted by
b'dotspoted'
b'Serious Vulnerability Found'
27 Feb 2015
wont-fix
b'itBit Exchange'
disclosed a bug submitted by
b'zoczus'
b'Notification Emails: IP + Content-Spoofing '
27 Feb 2015
b'itBit Exchange'
disclosed a bug submitted by
b'4lemon'
b'Unsecure data in "device" response - OTP'
27 Feb 2015
b'HackerOne'
disclosed a bug submitted by
b'siddiki'
b'Team member invitations to sandboxed teams are not invalidated consistently (v2)'
27 Feb 2015
b'PHP'
disclosed a bug submitted by
b'ryat'
b'Use after free vulnerability in unserialize() with DateTimeZone'
27 Feb 2015
b'99designs'
disclosed a bug submitted by
b'pranav_hivarekar'
b"CSRF to connect attacker's twitter account to logged in victims account"
26 Feb 2015
b'Greenhouse.io'
disclosed a bug submitted by
b'fransrosen'
b'Subdomain Takeover using blog.greenhouse.io pointing to Hubspot'
26 Feb 2015
b'Vimeo'
disclosed a bug submitted by
b'tfairane'
b'Vimeo.com Insecure Direct Object References Reset Password'
26 Feb 2015
b'Vimeo'
disclosed a bug submitted by
b'avlidienbrunn'
b'Adding profile picture to anyone on Vimeo'
26 Feb 2015
b'HackerOne'
disclosed a bug submitted by
b'danlec'
b'CSP Bypass: Click handler for links with data-method="post" can cause authenticity_token to be sent off domain'
26 Feb 2015
b'Todoist'
disclosed a bug submitted by
b'cliffordtrigo'
b'Taking over a Business Account Admin'
26 Feb 2015
b'Todoist'
disclosed a bug submitted by
b'cliffordtrigo'
b'Remotely removing credit cards from business accounts!'
26 Feb 2015
1
...
668
669
670
671
672
...
709
BY DENIS WERNER - @NOBBD -
IMPRESSUM