REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
83
b'linkks'
75
b'jobert'
70
b'nyymi'
63
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'respondly'
disclosed a bug submitted by
b'dhaval'
b'No Bruteforce Protection'
22 May 2014
b'CloudFlare'
disclosed a bug submitted by
b'smilez_hapiez'
b' Cookie missing the Secure flag '
22 May 2014
wont-fix
b'Mail.Ru'
disclosed a bug submitted by
b'atom'
b'Unproper usage of Mobile Number that will lead to Information Disclosure'
22 May 2014
wont-fix
b'Slack'
disclosed a bug submitted by
b'prakharprasad'
b'Stored XSS in Channel Chat '
21 May 2014
b'Slack'
disclosed a bug submitted by
b'prakharprasad'
b'Open Redirect in Slack'
21 May 2014
wont-fix
b'Slack'
disclosed a bug submitted by
b'prakharprasad'
b'Duplicate of #4550'
21 May 2014
b'Automattic'
disclosed a bug submitted by
b'smilez_hapiez'
b'Session Cookie without Secure flag set'
21 May 2014
wont-fix
b'Automattic'
disclosed a bug submitted by
b'smilez_hapiez'
b'Session Cookie without Secure flag set'
21 May 2014
wont-fix
b'respondly'
disclosed a bug submitted by
b'karthic'
b'X-Content-Type-Options header missing'
21 May 2014
b'Localize'
disclosed a bug submitted by
b'ajaysinghnegi'
b'Projects Watch or Notifications Settings Change Via CSRF'
21 May 2014
b'CloudFlare'
disclosed a bug submitted by
b'shahmeer_amir'
b'Apache Multiviews are enabled'
21 May 2014
wont-fix
b'Faceless'
disclosed a bug submitted by
b'trotmaster'
b'Account hijacking possible through ADB backup feature'
21 May 2014
b'IRCCloud'
disclosed a bug submitted by
b'nikbugbounty'
b'Login CSRF can be bypassed (Similar approach to previous one).'
20 May 2014
b'HackerOne'
disclosed a bug submitted by
b'niks'
b'harvesting attack on user registration'
19 May 2014
wont-fix
b'RelateIQ'
disclosed a bug submitted by
b'niks'
b'open redirect'
19 May 2014
wont-fix
b'Slack'
disclosed a bug submitted by
b'niks'
b'Reflected Xss'
19 May 2014
b'C2FO'
disclosed a bug submitted by
b'internetwache'
b'User guessing/enumeration at https://app.c2fo.com/api/password-reset'
19 May 2014
b'Localize'
disclosed a bug submitted by
b'vhssunny1'
b'Server header - information disclosure '
19 May 2014
b'Localize'
disclosed a bug submitted by
b'karthic'
b'X-Content-Type-Options header missing'
19 May 2014
b'joola.io'
disclosed a bug submitted by
b'shahmeer_amir'
b'Login password guessing attack'
19 May 2014
1
...
725
726
727
728
729
...
740
BY DENIS WERNER - @NOBBD -
IMPRESSUM
