REPORTS
PROGRAMS
PUBLISHERS
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Internet Bug Bounty'
disclosed a bug submitted by
b'orange'
b'important: Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect (CVE-2024-38476)'
13 Jul 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'orange'
b'important: Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request (CVE-2024-38477)'
13 Jul 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'orange'
b'moderate: Apache HTTP Server: HTTP response splitting (CVE-2023-38709)'
13 Jul 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'orange'
b'moderate: Apache HTTP Server proxy encoding problem (CVE-2024-38473)'
13 Jul 2024
b'TikTok'
disclosed a bug submitted by
b'xtt0k'
b'Account Takeover via Authentication Bypass in TikTok Account Recovery'
13 Jul 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'noentry'
b'CVE-2024-3416: MTU of 4096 or greater without fragmentation may cause NGINX worker processes to leak previously freed memory'
12 Jul 2024
b'Rocket.Chat'
disclosed a bug submitted by
b'gronke'
b'NoSQL injection leaks visitor token and livechat messages'
11 Jul 2024
b'Mars'
disclosed a bug submitted by
b'0x999'
b'0 Click account takeover via timed requests to forgot-password (single-packet attack)'
11 Jul 2024
b'HackerOne'
disclosed a bug submitted by
b'aloneh1'
b'Reports submitted by a non 2fa setupped user account can be transferred to a 2fa require submission program '
11 Jul 2024
b'HackerOne'
disclosed a bug submitted by
b'iam_srpk'
b"2fa can't be activated on app.pullrequest.com"
11 Jul 2024
b'HackerOne'
disclosed a bug submitted by
b'pranshux0x_'
b'Two factor authentication bypass'
11 Jul 2024
b'HackerOne'
disclosed a bug submitted by
b'blakfly'
b'Session Not Expire / 2FA Bypass'
11 Jul 2024
b'HackerOne'
disclosed a bug submitted by
b'deepmarketer'
b'2FA Bypass via Leaked Cookies'
11 Jul 2024
b'HackerOne'
disclosed a bug submitted by
b'bob004x'
b'Two-factor authentication bypass lead to information disclosure about the program and all hackers participate'
11 Jul 2024
b'HackerOne'
disclosed a bug submitted by
b'5zdob13'
b'Reset the 2FA of the user which can lead to Account Takeover'
11 Jul 2024
b'HackerOne'
disclosed a bug submitted by
b'the-white-evil'
b"Bypassing the victim's phone number OTP in the account recovery process on the https://hackerone.com/settings/auth/setup_account_recovery"
11 Jul 2024
b'HackerOne'
disclosed a bug submitted by
b'raymatp'
b'2FA requirement bypass when claiming bounty '
11 Jul 2024
b'HackerOne'
disclosed a bug submitted by
b'xklepxn'
b'Improper Authentication - 2FA OTP Reusable'
11 Jul 2024
b'HackerOne'
disclosed a bug submitted by
b'011alsanosi'
b'Bypassing Two-Factor Authentication via Account Deactivation and Password Reset'
11 Jul 2024
b'HackerOne'
disclosed a bug submitted by
b'abdulprkr'
b'Business Logic error leads to bypass 2FA requirement '
11 Jul 2024
1
...
68
69
70
71
72
...
769
BY DENIS WERNER - @NOBBD -
IMPRESSUM