REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'C2FO'
disclosed a bug submitted by
b'internetwache'
b'Password reset token leakage through referrer at https://app.c2fo.com/password/reset/'
15 Apr 2014
wont-fix
b'Khan Academy'
disclosed a bug submitted by
b'internetwache'
b'User guessing/enumeration at sw.khanacademy.org'
15 Apr 2014
wont-fix
b'Faceless'
disclosed a bug submitted by
b'shahmeer_amir'
b'Bruteforce attack in login panel'
15 Apr 2014
b'IRCCloud'
disclosed a bug submitted by
b'melvin'
b'Full account takeover using CSRF and password reset'
14 Apr 2014
b'Phabricator'
disclosed a bug submitted by
b'goldshlager'
b'OAuth Stealing Attack (New)'
13 Apr 2014
b'Slack'
disclosed a bug submitted by
b'sehacure'
b'CSRF on add comment section'
12 Apr 2014
b'Phabricator'
disclosed a bug submitted by
b'dawidczagan'
b'Control character allowed in username'
12 Apr 2014
b'Khan Academy'
disclosed a bug submitted by
b'internetwache'
b'Lighttpd version disclosure / directory listing'
12 Apr 2014
b'IRCCloud'
disclosed a bug submitted by
b'cliffordtrigo'
b'Leaking Referrer in Reset Password Link'
12 Apr 2014
b'OkCupid'
disclosed a bug submitted by
b'squirmy'
b'XSS on [okcupid.com]'
11 Apr 2014
b'RelateIQ'
disclosed a bug submitted by
b'anshuman_bh'
b'RelateIQ GWT based application visible to unauthenticated users'
11 Apr 2014
wont-fix
b'Phabricator'
disclosed a bug submitted by
b'goldshlager'
b'OAuth access_token stealing in Phabricator'
11 Apr 2014
b'Khan Academy'
disclosed a bug submitted by
b'squirmy'
b'Full Path Disclosure on [smarthistory.khanacademy.org]'
11 Apr 2014
b'Faceless'
disclosed a bug submitted by
b'atom'
b'Blocking yourself'
11 Apr 2014
b'IRCCloud'
disclosed a bug submitted by
b'chmosama'
b'DNS Misconfiguration'
11 Apr 2014
b'Slack'
disclosed a bug submitted by
b'pwndizzle'
b'User impersonation is possible with incoming webhooks'
10 Apr 2014
wont-fix
b'OkCupid'
disclosed a bug submitted by
b'melvin'
b'Users can easily be tricked into changing/disabling privacy and notification settings'
09 Apr 2014
b'OkCupid'
disclosed a bug submitted by
b'smiegles'
b'https://www.okcupid.com/hidden-users CSRF vulnerability.'
09 Apr 2014
b'OkCupid'
disclosed a bug submitted by
b'nahamsec'
b'XSS in "Questions" search module'
09 Apr 2014
b'Khan Academy'
disclosed a bug submitted by
b'smiegles'
b'http://smarthistory.khanacademy.org/search-results.html XSS'
09 Apr 2014
1
...
701
702
703
704
705
...
708
BY DENIS WERNER - @NOBBD -
IMPRESSUM