REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
83
b'linkks'
75
b'jobert'
70
b'nyymi'
62
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Automattic'
disclosed a bug submitted by
b'smilez_hapiez'
b'Session Cookie without Secure flag set'
21 May 2014
wont-fix
b'respondly'
disclosed a bug submitted by
b'karthic'
b'X-Content-Type-Options header missing'
21 May 2014
b'Localize'
disclosed a bug submitted by
b'ajaysinghnegi'
b'Projects Watch or Notifications Settings Change Via CSRF'
21 May 2014
b'CloudFlare'
disclosed a bug submitted by
b'shahmeer_amir'
b'Apache Multiviews are enabled'
21 May 2014
wont-fix
b'Faceless'
disclosed a bug submitted by
b'trotmaster'
b'Account hijacking possible through ADB backup feature'
21 May 2014
b'IRCCloud'
disclosed a bug submitted by
b'nikbugbounty'
b'Login CSRF can be bypassed (Similar approach to previous one).'
20 May 2014
b'HackerOne'
disclosed a bug submitted by
b'niks'
b'harvesting attack on user registration'
19 May 2014
wont-fix
b'RelateIQ'
disclosed a bug submitted by
b'niks'
b'open redirect'
19 May 2014
wont-fix
b'Slack'
disclosed a bug submitted by
b'niks'
b'Reflected Xss'
19 May 2014
b'C2FO'
disclosed a bug submitted by
b'internetwache'
b'User guessing/enumeration at https://app.c2fo.com/api/password-reset'
19 May 2014
b'Localize'
disclosed a bug submitted by
b'vhssunny1'
b'Server header - information disclosure '
19 May 2014
b'Localize'
disclosed a bug submitted by
b'karthic'
b'X-Content-Type-Options header missing'
19 May 2014
b'joola.io'
disclosed a bug submitted by
b'shahmeer_amir'
b'Login password guessing attack'
19 May 2014
b'Localize'
disclosed a bug submitted by
b'guido'
b'Change user settings through CSRF'
18 May 2014
b'Localize'
disclosed a bug submitted by
b'abhijeth'
b'Password Policy'
18 May 2014
b'Localize'
disclosed a bug submitted by
b'vhssunny1'
b'Business logic Failure - Browser cache management and logout vulnerability.'
18 May 2014
b'Localize'
disclosed a bug submitted by
b'melvin'
b'Apache2 /icons/ folder accessible'
18 May 2014
b'respondly'
disclosed a bug submitted by
b'vandana91'
b'x-frame options-sameorigin warning'
18 May 2014
b'respondly'
disclosed a bug submitted by
b'daksh'
b'DNS Misconfiguration'
18 May 2014
b'IRCCloud'
disclosed a bug submitted by
b'ashesh'
b'Unwanted Spamming Using CSRF [LOGGED IN USER]'
17 May 2014
wont-fix
1
...
722
723
724
725
726
...
737
BY DENIS WERNER - @NOBBD -
IMPRESSUM
