REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
84
b'linkks'
75
b'jobert'
70
b'nyymi'
64
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Cloudflare Public Bug Bounty'
disclosed a bug submitted by
b'boy_child_'
b'Bypassing creation of API tokens without email verification'
27 Mar 2023
b'Internet Bug Bounty'
disclosed a bug submitted by
b'wonda_tea_coffee'
b'Open Redirect Vulnerability in Action Pack'
26 Mar 2023
b'Nextcloud'
disclosed a bug submitted by
b'bncrypted'
b'Lack of bruteforce protection for TOTP 2FA'
26 Mar 2023
b'Nextcloud'
disclosed a bug submitted by
b'bncrypted'
b'Arbitrary read of all SVG files on a Nextcloud server'
26 Mar 2023
b'Nextcloud'
disclosed a bug submitted by
b'shakierbellows'
b'Cards in Deck are readable by any user'
26 Mar 2023
b'U.S. Department of State'
disclosed a bug submitted by
b'qualw1n'
b'Accessing unauthorized administration pages and seeing admin password - speakerkit.state.gov'
25 Mar 2023
b'Nextcloud'
disclosed a bug submitted by
b'lukasreschke'
b'Chat room member disclosure via autocomplete API'
25 Mar 2023
b'U.S. Department of State'
disclosed a bug submitted by
b'hollaatm3'
b'Bypassing Whitelist to perform SSRF for internal host scanning'
24 Mar 2023
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'pwnesec'
b'DoS at (CVE-2018-6389)'
24 Mar 2023
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'miguel_santareno'
b'Improper Access Control on Media Wiki allows an attackers to restart installation on DoD asset'
24 Mar 2023
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'rodriguezjorgex'
b'Path traversal leads to reading of local files on and '
24 Mar 2023
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'0xd3adc0de'
b'Reflected XSS in '
24 Mar 2023
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'iam_a_jinchuriki'
b'xmlrpc.php file enabled at .org'
24 Mar 2023
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'abhinavsecondary'
b'Client side authentication leads to Auth Bypass'
24 Mar 2023
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'0xd3adc0de'
b'Reflected XSS in '
24 Mar 2023
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'abhinavsecondary'
b'HAProxy stats panel exposed externally'
24 Mar 2023
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'0xd3adc0de'
b'Reflected XSS in '
24 Mar 2023
b'Uber'
disclosed a bug submitted by
b'zhero_'
b'HTML injection via insecure parameter [https://www.ubercarshare.com/]'
23 Mar 2023
b'Uber'
disclosed a bug submitted by
b'zhero_'
b'DOM based XSS via insecure parameter on [ https://uberpay-mock-psp.uber.com ]'
23 Mar 2023
b'Uber'
disclosed a bug submitted by
b'kxyry'
b"[uchat.uberinternals.com] Mattermost doesn't check Origin in Websockets, which leads to the Critical Inforamation Leakage."
23 Mar 2023
1
...
91
92
93
94
95
...
742
BY DENIS WERNER - @NOBBD -
IMPRESSUM
