REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'GlassWire'
disclosed a bug submitted by
b'bigbear'
b'Clickjacking: X-Frame-Options header missing'
12 Oct 2014
b'Square'
disclosed a bug submitted by
b'avlidienbrunn'
b'Reflected XSS in connect.square.com'
11 Oct 2014
b'WePay'
disclosed a bug submitted by
b'shahmeer_amir'
b'Session fixation in wepay.com'
10 Oct 2014
b'Greenhouse.io'
disclosed a bug submitted by
b'simon90'
b'openssh-server Forced Command Handling Information Disclosure Vulnerability on blog.greenhouse.io'
10 Oct 2014
b'HackerOne'
disclosed a bug submitted by
b'mrrm'
b'homograph attack. IDNs displyed in unicode in bug reports and on external link warning page.'
09 Oct 2014
b'IRCCloud'
disclosed a bug submitted by
b'mohdhaji87'
b'Bruteforce protection not enabled on the login page https://www.irccloud.com/'
08 Oct 2014
wont-fix
b'Flash'
disclosed a bug submitted by
b'hhj4ck'
b'Adobe Flash Player FileReference Use-after-Free Vulnerability'
07 Oct 2014
b'Flash'
disclosed a bug submitted by
b'kinine'
b'Flash Local Sandbox Bypass'
07 Oct 2014
b'Twitter'
disclosed a bug submitted by
b'simon90'
b'Twitter Flight SSL 2.0 deprecated protocol vulnerability.'
07 Oct 2014
b'Square'
disclosed a bug submitted by
b'cliffordtrigo'
b'Open Redirect [FreshBook]'
04 Oct 2014
b'Python'
disclosed a bug submitted by
b'pakt'
b'Misc Python bugs (Memory Corruption & Use After Free)'
04 Oct 2014
b'HackerOne'
disclosed a bug submitted by
b'dawidczagan'
b'Enumeration of users'
03 Oct 2014
wont-fix
b'Slack'
disclosed a bug submitted by
b'shahmeer_amir'
b'HTTP Strict Transport Policy not enabled on newly made accounts'
03 Oct 2014
b'Mail.Ru'
disclosed a bug submitted by
b'quistertow'
b'Flash XSS in http://lingvo.mail.ru'
02 Oct 2014
b'Square'
disclosed a bug submitted by
b'avlidienbrunn'
b'Blind SQL injection in www.bookfresh.com'
02 Oct 2014
b'Twitter'
disclosed a bug submitted by
b'karthik29'
b'HTML form without CSRF protection at http://try.crashlytics.com/enterprise/'
02 Oct 2014
b'Phabricator'
disclosed a bug submitted by
b'shahmeer_amir'
b'Password Policy issue'
02 Oct 2014
wont-fix
b'IRCCloud'
disclosed a bug submitted by
b'mantis'
b'Persistent Cross Site Scripting within the IRCCloud Pastebin '
01 Oct 2014
b'IRCCloud'
disclosed a bug submitted by
b'mantis'
b'Unvalidated Channel names causes IRC Command Injection'
01 Oct 2014
b'The Internet'
disclosed a bug submitted by
b'someonenobbd'
b"GNU Bourne-Again Shell (Bash) 'Shellshock' Vulnerability"
01 Oct 2014
1
...
676
677
678
679
680
...
708
BY DENIS WERNER - @NOBBD -
IMPRESSUM