REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
55
b'ooooooo_q'
49
b'jon_bottarini'
49
b'haxta4ok00'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'jsDelivr'
disclosed a bug submitted by
b'vineet'
b'Directory Traversal at http://staging.jsdelivr.net/'
20 Aug 2014
b'Yahoo!'
disclosed a bug submitted by
b'imadchabounia'
b'caesary.yahoo.net Blind Sql Injection'
20 Aug 2014
b'WePay'
disclosed a bug submitted by
b'anshuman_bh'
b'CSRF on email address operations. Also performing unintended operations. '
19 Aug 2014
b'concrete5'
disclosed a bug submitted by
b'melvin'
b'Cross-Site Scripting in getMarketplacePurchaseFrame'
18 Aug 2014
b'Factor.io'
disclosed a bug submitted by
b'quistertow'
b'Reflected XSS - factor.io'
18 Aug 2014
b'InVision'
disclosed a bug submitted by
b'pranav_hivarekar'
b'Sensitive information in cookies'
17 Aug 2014
wont-fix
b'DigitalSellz'
disclosed a bug submitted by
b'bitquark'
b'Verbose SQL error messages'
17 Aug 2014
b'DigitalSellz'
disclosed a bug submitted by
b'faisalahmed'
b'USER Account is not being deleted after user "Delete Account" from DASHBOARD'
17 Aug 2014
b'Mail.Ru'
disclosed a bug submitted by
b'vah13'
b'SQL '
16 Aug 2014
b'Secret'
disclosed a bug submitted by
b'mohaab007'
b'secret app for iOS and android is sending some info over HTTP'
16 Aug 2014
b'Twitter'
disclosed a bug submitted by
b'mohaab007'
b'uclfinal.twitter.com and euro2012.twitter.com are vulnerable to CRIME attack'
16 Aug 2014
wont-fix
b'Automattic'
disclosed a bug submitted by
b'mohaab007'
b'Top 10 2013-A2-Broken Authentication and Session Management - wordpress.com'
16 Aug 2014
wont-fix
b'Envoy'
disclosed a bug submitted by
b'anshuman_bh'
b'Stored XSS on sign_up page'
16 Aug 2014
b'Envoy'
disclosed a bug submitted by
b'anshuman_bh'
b'Stored XSS on adding locations'
16 Aug 2014
b'Automattic'
disclosed a bug submitted by
b'mohaab007'
b'Missing HSTS header in https://app.simplenote.com'
16 Aug 2014
wont-fix
b'Twitter'
disclosed a bug submitted by
b'jpsecurityresearch'
b'XSS ON MOPUB.COM'
15 Aug 2014
b'Detectify'
disclosed a bug submitted by
b'shahmeer_amir'
b'No logout mechanism due cookie tampering'
15 Aug 2014
wont-fix
b'Slack'
disclosed a bug submitted by
b'ashesh'
b'TLS1/SSLv3 Renegotiation Vulnerability'
14 Aug 2014
wont-fix
b'Envoy'
disclosed a bug submitted by
b'tdthechamp'
b'Authentication Bypass'
14 Aug 2014
wont-fix
b'Factlink'
disclosed a bug submitted by
b'shahmeer_amir'
b'Click-Jacking due to missing X-frame header'
13 Aug 2014
wont-fix
1
...
684
685
686
687
688
...
711
BY DENIS WERNER - @NOBBD -
IMPRESSUM