the unofficial HackerOne disclosure timeline.

X
b'Sandbox Escape' disclosed a bug submitted by b'yopwn' 
b'Microsoft Internet Explorer ActiveX Broker Allows EPM Bypass'
09 Oct 2015 timeline
b'ownCloud' disclosed a bug submitted by b'paresh_parmar' 
b'demo.owncloud.org: HTTP compression is enabled potentially leading to BREACH attack'
09 Oct 2015 timeline
b'Shopify' disclosed a bug submitted by b'reeth' 
b'The POS Firmware is leaking the root Password which can be used for unauthorized access to the device.'
09 Oct 2015 timeline
b'Udemy' disclosed a bug submitted by b'adrianbelen' 
b'XSS on https://www.udemy.com/asset/export.html'
08 Oct 2015 timeline
b'Shopify' disclosed a bug submitted by b'pouya' 
b'unauthorized access to all customers first and last name '
06 Oct 2015 timeline
b'Shopify' disclosed a bug submitted by b'dhaval' 
b'Open Redirect after login at http://ecommerce.shopify.com'
05 Oct 2015 timeline
b'Shopify' disclosed a bug submitted by b'pouya' 
b'customers password hash leak!!!!'
05 Oct 2015 timeline
b'Twitter' disclosed a bug submitted by b'wesecureapp' 
b"Insecure Direct Object Reference - access to other user/group DM's"
03 Oct 2015 timeline
b'Shopify' disclosed a bug submitted by b'satishb3' 
b'Shop admin can change external login services'
02 Oct 2015 timeline
b'Anghami' disclosed a bug submitted by b'aaj__' 
b'[https://www.anghami.com/updatemailinfo/] Sql Injection'
02 Oct 2015 timeline
b'Anghami' disclosed a bug submitted by b'egyxos' 
b'[CRITICAL] Login To Any Account Linked With Google+ With Email Only'
02 Oct 2015 timeline
b'Hired' disclosed a bug submitted by b'mohammedalsaggaf' 
b'URGENT - Subdomain Takeover on be.hired.com. due to unclaimed domain pointing to Heroku.com'
01 Oct 2015 timeline
b'Phabricator' disclosed a bug submitted by b'superkritisch' 
b"Multiple so called 'type juggling' attacks. Most notably PhabricatorUser::validateCSRFToken() is 'bypassable' in certain cases."
01 Oct 2015 timeline
b'Zaption' disclosed a bug submitted by b'psychomantis' 
b'CSV Excel Macro Injection in Export Response'
01 Oct 2015 timeline
b'Hired' disclosed a bug submitted by b'yujitounai' 
b'Stored XSS in Company Name'
30 Sep 2015 timeline
b'Shopify' disclosed a bug submitted by b'acid_creative' 
b'Passwords Returned in Later Responses.'
30 Sep 2015 timeline
b'Shopify' disclosed a bug submitted by b'prakharprasad' 
b'Prevent Shop Admin From Seeing his Installed Apps / Install Persistent Unremovable App'
29 Sep 2015 timeline
b'PHP' disclosed a bug submitted by b'libnex' 
b'Null pointer dereference in phar_get_fp_offset()'
29 Sep 2015 timeline
b'PHP' disclosed a bug submitted by b'haquaman' 
b'Uninitialized pointer in phar_make_dirstream'
29 Sep 2015 timeline
b'Vimeo' disclosed a bug submitted by b'vijay_kumar1110' 
b'Share your channel to any user on vimeo without following him'
28 Sep 2015 timeline
1 ... 701 702 703 704 705 ... 765
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM