REPORTS
PROGRAMS
PUBLISHERS
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Uber'
disclosed a bug submitted by
b'rohk'
b'Drivers can change profile picture'
12 May 2016
b'Mail.Ru'
disclosed a bug submitted by
b'cyberpunkych'
b'Reflected XSS ?? games.mail.ru'
12 May 2016
b'Uber'
disclosed a bug submitted by
b'rohk'
b'Mass Assignment Vulnerability in partners.uber.com'
09 May 2016
b'Algolia'
disclosed a bug submitted by
b'djamel-ghorab'
b'text injection can be used in phishing 404 page should not include attacker text'
09 May 2016
b'Uber'
disclosed a bug submitted by
b'iad'
b'XSS on love.uber.com'
09 May 2016
b'Uber'
disclosed a bug submitted by
b'e3xpl0it'
b'Dom Based Xss'
09 May 2016
b'Uber'
disclosed a bug submitted by
b'blueberryinfosec'
b'Session retention is present which reveals the customer info'
09 May 2016
b'Uber'
disclosed a bug submitted by
b'mdv'
b'Reflected XSS via Unvalidated / Open Redirect in uber.com'
09 May 2016
b'Uber'
disclosed a bug submitted by
b'kirit1193'
b'CRLF Injection in developer.uber.com'
09 May 2016
b'Uber'
disclosed a bug submitted by
b'ddworken'
b'Stored XSS in archive.uber.com Due to Injection of Javascript:alert(0)'
09 May 2016
b'Uber'
disclosed a bug submitted by
b'ddworken'
b"CrashPlan Backup is Vulnerable Allowing to a DoS Attack Against Uber's Backups to ```backup.uber.com```"
09 May 2016
b'New Relic'
disclosed a bug submitted by
b'mimieux'
b'Stored Cross-Site Scripting via Angular Template Injection'
09 May 2016
b'Uber'
disclosed a bug submitted by
b'mdv'
b'Reflected XSS via Livefyre Media Wall in newsroom.uber.com'
09 May 2016
b'Dovecot'
disclosed a bug submitted by
b'bdwhitehat'
b'Cross-Site Scripting Vulnerability in dovecot.fi'
09 May 2016
b'Dropbox'
disclosed a bug submitted by
b'gone'
b'Dropbox apps Server side request forgery'
09 May 2016
b'Uber'
disclosed a bug submitted by
b'siddiki'
b'XSS @ love.uber.com'
07 May 2016
b'Uber'
disclosed a bug submitted by
b'djadmin'
b'Cross-site Scripting (XSS)'
06 May 2016
b'ThisData'
disclosed a bug submitted by
b'dirtycoder'
b'STORED XSS FOUND'
06 May 2016
b'Coinbase'
disclosed a bug submitted by
b'apok'
b"User's legal name could be changed despite front end controls being disabled"
05 May 2016
b'PHP'
disclosed a bug submitted by
b'hji'
b'Integer overflow in ZipArchive::getFrom*'
05 May 2016
1
...
677
678
679
680
681
...
768
BY DENIS WERNER - @NOBBD -
IMPRESSUM
