REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
84
b'linkks'
75
b'jobert'
70
b'nyymi'
64
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'WP API'
disclosed a bug submitted by
b'voodookobra'
b'Cryptographic Side Channel in OAuth Library'
29 Oct 2014
b'WP API'
disclosed a bug submitted by
b'voodookobra'
b'MD5 used for Key-Auth signatures'
29 Oct 2014
wont-fix
b'ReddAPI'
disclosed a bug submitted by
b'chmosama'
b'Strict Transport Security Misconfiguration'
28 Oct 2014
b'ReddAPI'
disclosed a bug submitted by
b'chmosama'
b'Browser cross-site scripting filter misconfiguration'
28 Oct 2014
b'ReddAPI'
disclosed a bug submitted by
b'chmosama'
b' Content Sniffing not disabled'
28 Oct 2014
b'HackerOne'
disclosed a bug submitted by
b'prakharprasad'
b'Window Opener Property Bug'
28 Oct 2014
b'concrete5'
disclosed a bug submitted by
b'voodookobra'
b'Weak random number generator used in concrete/authentication/concrete/controller.php'
26 Oct 2014
b'joola.io'
disclosed a bug submitted by
b'voodookobra'
b'Weak Random Number Generator for Auth Tokens'
25 Oct 2014
b'joola.io'
disclosed a bug submitted by
b'voodookobra'
b'Timing Attack Side-Channel on API Token Verification'
25 Oct 2014
b'WePay'
disclosed a bug submitted by
b'anshuman_bh'
b'Session Fixation'
23 Oct 2014
b'HackerOne'
disclosed a bug submitted by
b'pranav_hivarekar'
b'Redirect FILTER bypass in report/comment'
19 Oct 2014
b'Coinbase'
disclosed a bug submitted by
b'anshuman_bh'
b'Leaking CSRF token over HTTP resulting in CSRF protection bypass'
16 Oct 2014
b'Mail.Ru'
disclosed a bug submitted by
b'bigbear'
b'????????? ??????? ?????????? ????'
16 Oct 2014
b'Twitter'
disclosed a bug submitted by
b'sehacure'
b'Cross site scripting on ads.twitter.com'
16 Oct 2014
b'HackerOne'
disclosed a bug submitted by
b'prakharprasad'
b'Ability to see common response titles of other teams (limited)'
15 Oct 2014
b'GlassWire'
disclosed a bug submitted by
b'bigbear'
b'Clickjacking: X-Frame-Options header missing'
12 Oct 2014
b'Square'
disclosed a bug submitted by
b'avlidienbrunn'
b'Reflected XSS in connect.square.com'
11 Oct 2014
b'WePay'
disclosed a bug submitted by
b'shahmeer_amir'
b'Session fixation in wepay.com'
10 Oct 2014
b'Greenhouse.io'
disclosed a bug submitted by
b'simon90'
b'openssh-server Forced Command Handling Information Disclosure Vulnerability on blog.greenhouse.io'
10 Oct 2014
b'HackerOne'
disclosed a bug submitted by
b'mrrm'
b'homograph attack. IDNs displyed in unicode in bug reports and on external link warning page.'
09 Oct 2014
1
...
711
712
713
714
715
...
744
BY DENIS WERNER - @NOBBD -
IMPRESSUM
