REPORTS
PROGRAMS
PUBLISHERS
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Ubiquiti Networks'
disclosed a bug submitted by
b'93c08539'
b'Arbritrary file Upload on AirMax'
13 Feb 2016
b'Ruby on Rails'
disclosed a bug submitted by
b'forced-request'
b'Explicit, dynamic render path: Dir. Trav + RCE'
12 Feb 2016
b'Ruby on Rails'
disclosed a bug submitted by
b'zachaysan'
b'Changeable model ids on vanilla update can lead to severely bad side-effects'
12 Feb 2016
b'Ruby on Rails'
disclosed a bug submitted by
b'jcoyne'
b'Nested attributes reject_if proc can be circumvented by providing "_destroy" parameter'
12 Feb 2016
b'Ruby on Rails'
disclosed a bug submitted by
b'backus'
b'Validation bypass for Active Record and Active Model'
12 Feb 2016
b'Khan Academy'
disclosed a bug submitted by
b'benmassaoud'
b'XSS vulnerability in "/coach/roster/" ( create your first class) '
12 Feb 2016
b'Gratipay'
disclosed a bug submitted by
b'prince'
b'grtp.co is vulnerable to http-vuln-cve2011-3192'
12 Feb 2016
b'Caviar'
disclosed a bug submitted by
b'cliffordtrigo'
b'Remotely modifying courier Account Details'
11 Feb 2016
b'Mail.Ru'
disclosed a bug submitted by
b'konqi'
b'[allods.my.com] SSRF / XSPA'
11 Feb 2016
b'ownCloud'
disclosed a bug submitted by
b'arover7'
b'otrs.owncloud.com: Reflected Cross-Site Scripting'
10 Feb 2016
b'Vimeo'
disclosed a bug submitted by
b'sintheticlabs'
b'Legacy API exposes private video titles'
10 Feb 2016
b'Paragon Initiative Enterprises'
disclosed a bug submitted by
b'karthic'
b'Missing SPF for https://paragonie.com/'
08 Feb 2016
b'Keybase'
disclosed a bug submitted by
b'saeedhashem'
b'Content spoofing due to the improper behavior of the not-found meesage'
08 Feb 2016
b'Coinbase'
disclosed a bug submitted by
b'paulos_'
b'OAuth authorization page vulnerable to clickjacking'
07 Feb 2016
b'Udemy'
disclosed a bug submitted by
b'shekhar93'
b'information disclosure'
07 Feb 2016
b'Paragon Initiative Enterprises'
disclosed a bug submitted by
b'hat_mast3r'
b'Open-redirect on paragonie.com'
07 Feb 2016
b'ownCloud'
disclosed a bug submitted by
b'00day'
b'Self-XSS in mails sent by hello@owncloud.com'
06 Feb 2016
b'ownCloud'
disclosed a bug submitted by
b'ishahriyar'
b'Mixed Active Scripting Issue on stats.owncloud.org'
06 Feb 2016
b'Keybase'
disclosed a bug submitted by
b'ahmed_abdalla'
b'Remote Server Restart Lead to Denial of Server by only one Request.'
06 Feb 2016
b'ownCloud'
disclosed a bug submitted by
b'ashesh'
b's2.owncloud.com: Web Server HTTP Trace/Track Method Support Cross-Site Tracing Vulnerability'
05 Feb 2016
1
...
692
693
694
695
696
...
769
BY DENIS WERNER - @NOBBD -
IMPRESSUM