REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'UPchieve'
disclosed a bug submitted by
b'rupachandransangothi'
b'OTP reflecting in response sensitive data exposure leads to account take over'
26 Mar 2022
b'UPchieve'
disclosed a bug submitted by
b'pranto_0'
b'No Rate Limit on forgot password page'
26 Mar 2022
b'UPchieve'
disclosed a bug submitted by
b'ww1'
b'Password reset token leakage'
26 Mar 2022
b'UPchieve'
disclosed a bug submitted by
b'ww1'
b'Missing Validation in editing "Your Phone Number" '
26 Mar 2022
b'UPchieve'
disclosed a bug submitted by
b'ww1'
b'Password Reuse'
26 Mar 2022
b'UPchieve'
disclosed a bug submitted by
b'ww1'
b'Outdated Copyright Message @ Welcome email'
26 Mar 2022
b'UPchieve'
disclosed a bug submitted by
b'rupachandransangothi'
b'No rate Limit on Password Reset page on upchieve'
26 Mar 2022
b'UPchieve'
disclosed a bug submitted by
b'sara346'
b'Clickjacking login page of https://hackers.upchieve.org/login'
26 Mar 2022
b'UPchieve'
disclosed a bug submitted by
b'bd10ceb041a5297f881137c'
b'No Rate Limiting for Password Reset Email Leads to Email Flooding'
26 Mar 2022
b'Alohi'
disclosed a bug submitted by
b'shamim_12__'
b'Misconfigured Rate Limit at app.sign.plus/forgot_password'
25 Mar 2022
b'8x8'
disclosed a bug submitted by
b'remonsec'
b'F5 BIG-IP TMUI RCE - CVE-2020-5902 (.packet8.net)'
25 Mar 2022
b'Dragon'
disclosed a bug submitted by
b'engr-naseem1'
b'Business Logic Flaw in the subscription of the app'
25 Mar 2022
b'Kubernetes'
disclosed a bug submitted by
b'0xlegendkiller'
b'Broken link hijacking in https://kubernetes-csi.github.io/docs/drivers.html?highlight=chubaofs#production-drivers'
25 Mar 2022
b'TikTok'
disclosed a bug submitted by
b'bushidobrown200'
b'Impersonation of tiktok account via Broken Link in TikTok Newsroom'
24 Mar 2022
b'Internet Bug Bounty'
disclosed a bug submitted by
b'hkratz'
b'Time-of-check to time-of-use vulnerability in the std::fs::remove_dir_all() function of the Rust standard library'
24 Mar 2022
b'Basecamp'
disclosed a bug submitted by
b'fuzzsqlb0f'
b'Improper Authentication via previous backup code login'
24 Mar 2022
b'Stripe'
disclosed a bug submitted by
b'gregxsunday'
b'Bypassing domain deny_list rule in Smokescreen via trailing dot leads to SSRF'
23 Mar 2022
b'pixiv'
disclosed a bug submitted by
b'aidilarf_2000'
b'XSS Reflected at https://sketch.pixiv.net/ Via `next_url`'
23 Mar 2022
b'ImpressCMS'
disclosed a bug submitted by
b'egix'
b'Incorrect Authorization Checks in /include/findusers.php'
22 Mar 2022
b'ImpressCMS'
disclosed a bug submitted by
b'egix'
b'Arbitrary File Deletion via Path Traversal in image-edit.php'
22 Mar 2022
1
...
94
95
96
97
98
...
693
BY DENIS WERNER - @NOBBD -
IMPRESSUM