REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
57
b'ooooooo_q'
50
b'jon_bottarini'
49
b'haxta4ok00'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Coinbase'
disclosed a bug submitted by
b'anshuman_bh'
b'Improper Validation of the Referrer header leading to Open URL Redirection'
29 Apr 2014
wont-fix
b'Detectify'
disclosed a bug submitted by
b'simon90'
b'SVN file disclosure on lazer.detectify.com'
29 Apr 2014
b'OkCupid'
disclosed a bug submitted by
b'rajuraju14'
b'okcupid.com vulnerable to Heartbleed attack'
28 Apr 2014
b'IRCCloud'
disclosed a bug submitted by
b'xss'
b'Login page password-guessing attack(Brute-force attack-High).'
26 Apr 2014
wont-fix
b'HackerOne'
disclosed a bug submitted by
b'leander'
b'Arbitrary file uploads to Amazon WS.'
26 Apr 2014
wont-fix
b'IRCCloud'
disclosed a bug submitted by
b'anshuman_bh'
b'Host Header is not validated resulting in Open Redirect'
24 Apr 2014
b'Ian Dunn'
disclosed a bug submitted by
b'atulshedage'
b'Xss in CampTix Event Ticketing'
24 Apr 2014
b'ReddAPI'
disclosed a bug submitted by
b'exploitprotocol'
b'No Captcha or rate limit on Login Page'
23 Apr 2014
b'IRCCloud'
disclosed a bug submitted by
b'exploitprotocol'
b"Session Token is not Verified while changing Account Setting's which Result In account Takeover"
23 Apr 2014
b'respondly'
disclosed a bug submitted by
b'atom'
b'Deleting team members'
23 Apr 2014
b'Localize'
disclosed a bug submitted by
b'simon90'
b'Criptographic Issue: Strisct Transport Security with not good max age..(TOO SHORT!)'
23 Apr 2014
b'Localize'
disclosed a bug submitted by
b'faisalahmed'
b'Atttacker can send "Invitation Request" to a Project that is not even created yet!'
23 Apr 2014
b'respondly'
disclosed a bug submitted by
b'mohamed_fouad'
b'Full Path Disclosure'
23 Apr 2014
b'Localize'
disclosed a bug submitted by
b'faisalahmed'
b'Full Path Disclosure (FPD) in www.localize.im'
23 Apr 2014
b'Ian Dunn'
disclosed a bug submitted by
b'cliffordtrigo'
b'Stored XSS in all fields in Basic Google Maps Placemarks Settings'
23 Apr 2014
b'Secret'
disclosed a bug submitted by
b'simon90'
b'Strict Transport Security on secret.ly'
22 Apr 2014
b'OkCupid'
disclosed a bug submitted by
b'simon90'
b'Stored XSS on your site..'
22 Apr 2014
b'HackerOne'
disclosed a bug submitted by
b'simon90'
b'Criptographic Issue: Strisct Transport Security with not good max age..(TOO SHORT!)'
22 Apr 2014
b'Localize'
disclosed a bug submitted by
b'robin'
b'No BruteForce Protection'
22 Apr 2014
b'respondly'
disclosed a bug submitted by
b'melvin'
b'OAuth open redirect'
22 Apr 2014
1
...
706
707
708
709
710
...
718
BY DENIS WERNER - @NOBBD -
IMPRESSUM