Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'55 
b'ooooooo_q'49 
b'jon_bottarini'49 
b'haxta4ok00'48 

the unofficial HackerOne disclosure timeline.

X
b'Mobile Vikings' disclosed a bug submitted by b'4lemon' 
b'Approve topup method by sender of this method'
04 Mar 2015 timeline
b'PHP' disclosed a bug submitted by b'andreapalazzo' 
b"SoapClient's __call() type confusion through unserialize()"
03 Mar 2015 timeline
b'Vimeo' disclosed a bug submitted by b'fin1te' 
b'Ability to Download Music Tracks Without Paying (Missing permission check on`/musicstore/download`)'
01 Mar 2015 timeline
b'The Internet' disclosed a bug submitted by b'dirtybit' 
b'Bad Write in TTF font parsing (win32k.sys)'
01 Mar 2015 timeline
b'Vimeo' disclosed a bug submitted by b'dotspoted' 
b'Serious Vulnerability Found'
27 Feb 2015 timeline
wont-fix
b'itBit Exchange' disclosed a bug submitted by b'zoczus' 
b'Notification Emails: IP + Content-Spoofing '
27 Feb 2015 timeline
b'itBit Exchange' disclosed a bug submitted by b'4lemon' 
b'Unsecure data in "device" response - OTP'
27 Feb 2015 timeline
b'HackerOne' disclosed a bug submitted by b'siddiki' 
b'Team member invitations to sandboxed teams are not invalidated consistently (v2)'
27 Feb 2015 timeline
b'PHP' disclosed a bug submitted by b'ryat' 
b'Use after free vulnerability in unserialize() with DateTimeZone'
27 Feb 2015 timeline
b'99designs' disclosed a bug submitted by b'pranav_hivarekar' 
b"CSRF to connect attacker's twitter account to logged in victims account"
26 Feb 2015 timeline
b'Greenhouse.io' disclosed a bug submitted by b'fransrosen' 
b'Subdomain Takeover using blog.greenhouse.io pointing to Hubspot'
26 Feb 2015 timeline
b'Vimeo' disclosed a bug submitted by b'tfairane' 
b'Vimeo.com Insecure Direct Object References Reset Password'
26 Feb 2015 timeline
b'Vimeo' disclosed a bug submitted by b'avlidienbrunn' 
b'Adding profile picture to anyone on Vimeo'
26 Feb 2015 timeline
b'HackerOne' disclosed a bug submitted by b'danlec' 
b'CSP Bypass: Click handler for links with data-method="post" can cause authenticity_token to be sent off domain'
26 Feb 2015 timeline
b'Todoist' disclosed a bug submitted by b'cliffordtrigo' 
b'Taking over a Business Account Admin'
26 Feb 2015 timeline
b'Todoist' disclosed a bug submitted by b'cliffordtrigo' 
b'Remotely removing credit cards from business accounts!'
26 Feb 2015 timeline
b'Twitter' disclosed a bug submitted by b'config' 
b"User's DM won't deleted after logout from Twitter for iOS (com.atebits.xxx.application-state)"
25 Feb 2015 timeline
b'Twitter' disclosed a bug submitted by b'homakov' 
b'Redirect URL in /intent/ functionality is not properly escaped'
24 Feb 2015 timeline
b'Square' disclosed a bug submitted by b'mikkz' 
b'XSS on bookfresh'
23 Feb 2015 timeline
b'Square' disclosed a bug submitted by b'avicoder' 
b'HTTP Header revealing server information.'
23 Feb 2015 timeline
wont-fix
1 ... 674 675 676 677 678 ... 715
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM