REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
55
b'ooooooo_q'
49
b'jon_bottarini'
49
b'haxta4ok00'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Square'
disclosed a bug submitted by
b'hammad'
b'Invitation threshold '
05 Apr 2015
wont-fix
b'Mobile Vikings'
disclosed a bug submitted by
b'smiegles'
b'Insecure crossdomain.xml'
04 Apr 2015
b'Dropbox'
disclosed a bug submitted by
b'daksh'
b'Privilege Escalation at invite feature @hackpad.com'
04 Apr 2015
b'Dropbox'
disclosed a bug submitted by
b'rohill'
b'Create N Accounts In Dropbox Irrespective Of Domain'
04 Apr 2015
wont-fix
b'Airbnb'
disclosed a bug submitted by
b'shamrocksu88'
b'Generating Unlimited Free Travel Gift Invites | IDOR'
04 Apr 2015
wont-fix
b'Coinbase'
disclosed a bug submitted by
b'homakov'
b"Sandboxed iframes don't show confirmation screen"
04 Apr 2015
b'Robocoin'
disclosed a bug submitted by
b'4lemon'
b'Error stack trace'
03 Apr 2015
b'Robocoin'
disclosed a bug submitted by
b'4lemon'
b'Stored XSS in api key of operator wallet'
03 Apr 2015
b'Robocoin'
disclosed a bug submitted by
b'4lemon'
b'stored xss in transaction'
03 Apr 2015
b'Vimeo'
disclosed a bug submitted by
b'adrianbelen'
b'abusing Thumbnails(https://vimeo.com/upload/select_thumb) to see a private video'
03 Apr 2015
b'Mobile Vikings'
disclosed a bug submitted by
b'4lemon'
b'CSRF token from another valid user session accepted'
03 Apr 2015
wont-fix
b'Mobile Vikings'
disclosed a bug submitted by
b'4lemon'
b'Enum phone numbers thru /en/sims/topup/add/'
03 Apr 2015
b'Slack'
disclosed a bug submitted by
b'satishb3'
b'Team admin can add billing contacts'
03 Apr 2015
b'Twitter'
disclosed a bug submitted by
b'seifelsallamy'
b'Open Redirect leak of authenticity_token lead to full account take over.'
03 Apr 2015
b'Twitter'
disclosed a bug submitted by
b'masatokinugawa'
b'XSS in twitter.com/safety/unsafe_link_warning'
03 Apr 2015
b'Vimeo'
disclosed a bug submitted by
b'jensk'
b'Can message users without the proper authorization'
01 Apr 2015
b'The Internet'
disclosed a bug submitted by
b'prosecco-inria'
b'FREAK: Factoring RSA_EXPORT Keys to Impersonate TLS Servers'
01 Apr 2015
b'Coinbase'
disclosed a bug submitted by
b'sasi2103'
b'Invoice Details activate JS that filled in '
30 Mar 2015
b'Sucuri'
disclosed a bug submitted by
b'jitendra'
b'Form contained inside page loaded over SSL submits its contents to another page over HTTP '
29 Mar 2015
wont-fix
b'Vimeo'
disclosed a bug submitted by
b'localpwn'
b'Bypassing Email verification '
29 Mar 2015
wont-fix
1
...
670
671
672
673
674
...
715
BY DENIS WERNER - @NOBBD -
IMPRESSUM
