REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'TikTok'
disclosed a bug submitted by
b'glassplant'
b'URL Scheme misconfiguration on TikTok for IOS'
04 May 2022
b'Judge.me '
disclosed a bug submitted by
b'b3hlull'
b'Blind XSS via Feedback form.'
03 May 2022
b'Acronis'
disclosed a bug submitted by
b'sudo_bash'
b'Self-DoS due to template injection via email field in password reset form on access.acronis.com'
03 May 2022
b'MTN Group'
disclosed a bug submitted by
b'homosec'
b'XSS at http://nextapps.mtnonline.com/search/suggest/q/{xss payload}'
01 May 2022
b'MTN Group'
disclosed a bug submitted by
b'homosec'
b'XSS at videostore.mtnonline.com/GL/*.aspx via all parameters'
01 May 2022
b'Khan Academy'
disclosed a bug submitted by
b'bughunterpol'
b'Enumerate class codes via yahoo dork - Can access any course under teacher - Sensitive information leaked'
01 May 2022
b'Nextcloud'
disclosed a bug submitted by
b'dashingjaved'
b'com.nextcloud.client bypass the protection lock in andoid app v 3.18.1 latest version.'
30 Apr 2022
b'Automattic'
disclosed a bug submitted by
b'chip_sec'
b'Reflected XSS due to vulnerable version of sockjs'
29 Apr 2022
b'8x8'
disclosed a bug submitted by
b'chip_sec'
b'Hardcoded AWS credentials in .msi'
29 Apr 2022
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'fdeleite'
b'Reflected XSS []'
29 Apr 2022
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'fdeleite'
b'Reflected XSS []'
29 Apr 2022
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'exploitmsf'
b'lfi in filePathDownload parameter via '
29 Apr 2022
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'njmulsqb'
b'Sensitive data exposure via /secure/QueryComponent!Default.jspa endpoint on '
29 Apr 2022
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'fdeleite'
b' SSRF due to CVE-2021-27905 in www.'
29 Apr 2022
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'null_bytes'
b' vulnerable to CVE-2022-22954'
29 Apr 2022
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'mido0x0x'
b'Blind SQL Injection'
29 Apr 2022
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'mido0x0x'
b'SQL INJECTION in https:/// '
29 Apr 2022
b'Nextcloud'
disclosed a bug submitted by
b'igorpyan'
b'Possibility to force an admin to install recommended applications'
29 Apr 2022
b'Internet Bug Bounty'
disclosed a bug submitted by
b'monnerat'
b'OAUTH2 bearer not-checked for connection re-use'
29 Apr 2022
b'curl'
disclosed a bug submitted by
b'monnerat'
b'CVE-2022-22576: OAUTH2 bearer bypass in connection re-use'
29 Apr 2022
1
...
88
89
90
91
92
...
694
BY DENIS WERNER - @NOBBD -
IMPRESSUM