REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
55
b'ooooooo_q'
49
b'jon_bottarini'
49
b'haxta4ok00'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Square'
disclosed a bug submitted by
b'pranav_hivarekar'
b'CSRF login'
21 Sep 2014
wont-fix
b'concrete5'
disclosed a bug submitted by
b'robin'
b'broken authentication'
21 Sep 2014
b'Phabricator'
disclosed a bug submitted by
b'shahmeer_amir'
b'Content Spoofing through URL'
20 Sep 2014
wont-fix
b'Mail.Ru'
disclosed a bug submitted by
b'vineet'
b'(m.mail.ru) Password type input with auto-complete enabled '
19 Sep 2014
wont-fix
b'Mavenlink'
disclosed a bug submitted by
b'vineet'
b'Clickjacking & CSRF attack can be done at https://app.mavenlink.com/login'
19 Sep 2014
b'Mavenlink'
disclosed a bug submitted by
b'vineet'
b'Clickjacking at https://www.mavenlink.com/ main website '
19 Sep 2014
b'Detectify'
disclosed a bug submitted by
b'mohdhaji87'
b'Password reset link not validated.'
19 Sep 2014
b'CloudFlare'
disclosed a bug submitted by
b'mohdhaji87'
b'User can request for password reset link without giving his website, eventhough he have it'
19 Sep 2014
wont-fix
b'CloudFlare'
disclosed a bug submitted by
b'jpsecurityresearch'
b'Apache mod_negotiation filename bruteforcing'
19 Sep 2014
wont-fix
b'WePay'
disclosed a bug submitted by
b'pranav_hivarekar'
b'CSRF (Make email primary) may lead to account compromise'
19 Sep 2014
b'The Internet'
disclosed a bug submitted by
b'kaeso'
b'Multiple issues in looking-glass software (aka from web to BGP injections)'
17 Sep 2014
b'Phabricator'
disclosed a bug submitted by
b'sehacure'
b'Open redirection on secure.phabricator.com'
17 Sep 2014
b'Mail.Ru'
disclosed a bug submitted by
b'bigbear'
b'Reflected XSS in User-Agent'
16 Sep 2014
b'Khan Academy'
disclosed a bug submitted by
b'bigbear'
b'Suffix of url-path is vulnerable to XSS-attack'
16 Sep 2014
b'Detectify'
disclosed a bug submitted by
b'shahmeer_amir'
b'Cookie manipulation does not log attacker out of the session'
16 Sep 2014
wont-fix
b'Mail.Ru'
disclosed a bug submitted by
b'bigbear'
b'SQL Injection on 11x11.mail.ru'
16 Sep 2014
b'RelateIQ'
disclosed a bug submitted by
b'shahmeer_amir'
b'Resubmitted with POC #18685 Password reset CSRF'
16 Sep 2014
b'Automattic'
disclosed a bug submitted by
b'pranav_hivarekar'
b'User Enumeration and Guessable User Account Attack on WORDPRESS'
13 Sep 2014
wont-fix
b'Mail.Ru'
disclosed a bug submitted by
b'vah13'
b'SQL inj'
12 Sep 2014
b'HackerOne'
disclosed a bug submitted by
b'thetime'
b'Redirect while opening links in new tabs'
12 Sep 2014
1
...
684
685
686
687
688
...
715
BY DENIS WERNER - @NOBBD -
IMPRESSUM
