REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Khan Academy'
disclosed a bug submitted by
b'squirmy'
b'Full Path Disclosure on [smarthistory.khanacademy.org]'
11 Apr 2014
b'Faceless'
disclosed a bug submitted by
b'atom'
b'Blocking yourself'
11 Apr 2014
b'IRCCloud'
disclosed a bug submitted by
b'chmosama'
b'DNS Misconfiguration'
11 Apr 2014
b'Slack'
disclosed a bug submitted by
b'pwndizzle'
b'User impersonation is possible with incoming webhooks'
10 Apr 2014
wont-fix
b'OkCupid'
disclosed a bug submitted by
b'melvin'
b'Users can easily be tricked into changing/disabling privacy and notification settings'
09 Apr 2014
b'OkCupid'
disclosed a bug submitted by
b'smiegles'
b'https://www.okcupid.com/hidden-users CSRF vulnerability.'
09 Apr 2014
b'OkCupid'
disclosed a bug submitted by
b'nahamsec'
b'XSS in "Questions" search module'
09 Apr 2014
b'Khan Academy'
disclosed a bug submitted by
b'smiegles'
b'http://smarthistory.khanacademy.org/search-results.html XSS'
09 Apr 2014
b'Khan Academy'
disclosed a bug submitted by
b'smiegles'
b'Dom based XSS https://www.khanacademy.org/'
09 Apr 2014
b'Khan Academy'
disclosed a bug submitted by
b'smiegles'
b'https://www.khanacademy.org/login open-redirect'
09 Apr 2014
b'Khan Academy'
disclosed a bug submitted by
b'smiegles'
b'Stored XSS {dangerous?} https://www.khanacademy.org/coach/roster/?listId=allStudents'
09 Apr 2014
b'Khan Academy'
disclosed a bug submitted by
b'smiegles'
b'https://www.khanacademy.org/coach/reports/activity XSS'
09 Apr 2014
b'Khan Academy'
disclosed a bug submitted by
b'smiegles'
b'Persistent class XSS [the fuck]'
09 Apr 2014
b'concrete5'
disclosed a bug submitted by
b'g4mm4'
b'https://concrete5.org ::: HeartBleed Attack (CVE-2014-0160)'
09 Apr 2014
b'Khan Academy'
disclosed a bug submitted by
b'chmosama'
b'Weak Ciphers Enabled'
09 Apr 2014
b'Khan Academy'
disclosed a bug submitted by
b'atom'
b'Open Redirection in SmartHistory KhanAcademy'
09 Apr 2014
b'Khan Academy'
disclosed a bug submitted by
b'prakharprasad'
b'XSS at http://smarthistory.khanacademy.org'
09 Apr 2014
b'Factlink'
disclosed a bug submitted by
b'jobert'
b'Proxy discloses internal web servers'
08 Apr 2014
b'OkCupid'
disclosed a bug submitted by
b'smiegles'
b'http://www2.okcupid.com/profile Cross-site scripting'
08 Apr 2014
b'Slack'
disclosed a bug submitted by
b'netfuzzer'
b'flash content type sniff vulnerability in api.slack.com'
08 Apr 2014
1
...
702
703
704
705
706
...
709
BY DENIS WERNER - @NOBBD -
IMPRESSUM