REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
83
b'linkks'
75
b'jobert'
70
b'nyymi'
62
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Anghami'
disclosed a bug submitted by
b'egyxos'
b'[CRITICAL] Login To Any Account Linked With Google+ With Email Only'
02 Oct 2015
b'Hired'
disclosed a bug submitted by
b'mohammedalsaggaf'
b'URGENT - Subdomain Takeover on be.hired.com. due to unclaimed domain pointing to Heroku.com'
01 Oct 2015
b'Phabricator'
disclosed a bug submitted by
b'superkritisch'
b"Multiple so called 'type juggling' attacks. Most notably PhabricatorUser::validateCSRFToken() is 'bypassable' in certain cases."
01 Oct 2015
b'Zaption'
disclosed a bug submitted by
b'psychomantis'
b'CSV Excel Macro Injection in Export Response'
01 Oct 2015
b'Hired'
disclosed a bug submitted by
b'yujitounai'
b'Stored XSS in Company Name'
30 Sep 2015
b'Shopify'
disclosed a bug submitted by
b'acid_creative'
b'Passwords Returned in Later Responses.'
30 Sep 2015
b'Shopify'
disclosed a bug submitted by
b'prakharprasad'
b'Prevent Shop Admin From Seeing his Installed Apps / Install Persistent Unremovable App'
29 Sep 2015
b'PHP'
disclosed a bug submitted by
b'libnex'
b'Null pointer dereference in phar_get_fp_offset()'
29 Sep 2015
b'PHP'
disclosed a bug submitted by
b'haquaman'
b'Uninitialized pointer in phar_make_dirstream'
29 Sep 2015
b'Vimeo'
disclosed a bug submitted by
b'vijay_kumar1110'
b'Share your channel to any user on vimeo without following him'
28 Sep 2015
b'ownCloud'
disclosed a bug submitted by
b'bigbear_'
b'[s3.owncloud.com] Web Server HTTP Trace/Track Method Support '
28 Sep 2015
b'ownCloud'
disclosed a bug submitted by
b'ashish_padelkar'
b'No email verification during registration'
28 Sep 2015
b'QIWI'
disclosed a bug submitted by
b'pradeepch99'
b'Session Cookie without HttpOnly and secure flag set'
27 Sep 2015
b'Python'
disclosed a bug submitted by
b'hugbounter'
b'Integer overflow in _Unpickler_Read'
26 Sep 2015
b'Udemy'
disclosed a bug submitted by
b'decay'
b'Extremely high Course rating values could be set in order to make really high Average rating of the course. Negative values could be set to.'
25 Sep 2015
b'HackerOne'
disclosed a bug submitted by
b'ericr'
b'Minor Bug: Public un-compiled CSS with original sass, versioning, source map, comments, etc.'
25 Sep 2015
b'Shopify'
disclosed a bug submitted by
b'dvl'
b'Notification request disclose private information about other myshopify accounts'
24 Sep 2015
b'Gratipay'
disclosed a bug submitted by
b'ashesh'
b'DKIM records not present, Email Hijacking is possible'
23 Sep 2015
b'HackerOne'
disclosed a bug submitted by
b'appsec3'
b'CSV Injection with the CVS export feature'
21 Sep 2015
b'Twitter'
disclosed a bug submitted by
b'isox'
b'POODLE Bug: 199.16.156.44, 199.16.156.108, mx4.twitter.com'
20 Sep 2015
1
...
674
675
676
677
678
...
738
BY DENIS WERNER - @NOBBD -
IMPRESSUM
