REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
58
b'ooooooo_q'
52
b'haxta4ok00'
49
b'jon_bottarini'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Shopify'
disclosed a bug submitted by
b'kun_19'
b'Account Takeover Vulnerability in Shopify Collabs Platform Due to Missing Email Verification'
11 Mar 2025
b'Internet Bug Bounty'
disclosed a bug submitted by
b'stonksy'
b'Deadlock in x86 HVM standard VGA handling'
07 Mar 2025
b'Internet Bug Bounty'
disclosed a bug submitted by
b'scyoon'
b'Possible ReDoS vulnerability in query parameter filtering in Action Dispatch'
07 Mar 2025
b'MercadoLibre'
disclosed a bug submitted by
b'capablanca0'
b'Sale cancellations from other sellers without restrictions'
06 Mar 2025
b'Autodesk'
disclosed a bug submitted by
b'kanon4'
b'Exposing debug.log file leads to server full path disclosure'
06 Mar 2025
b'MTN Group'
disclosed a bug submitted by
b'almuntadhar'
b'SQLi | in URL paths'
06 Mar 2025
b'curl'
disclosed a bug submitted by
b'catenacyber'
b'Use after free (read) in curl_multi_perform with DoH and Proxy options, and resolve timeouts'
06 Mar 2025
b'AWS VDP'
disclosed a bug submitted by
b'xendaviour'
b'Session Timeout Does Not Enforce Re-Authentication on AWS Access Portal'
05 Mar 2025
b'Autodesk'
disclosed a bug submitted by
b'khoof'
b'CVE-2023-5561 on Payapps.com'
05 Mar 2025
b'AWS VDP'
disclosed a bug submitted by
b'nick_frichette_dd'
b'Non-Production API Endpoints for the Device Farm Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration'
04 Mar 2025
b'AWS VDP'
disclosed a bug submitted by
b'hemant1'
b'Sensitive API Key Leakage'
04 Mar 2025
b'MTN Group'
disclosed a bug submitted by
b'trev0ck'
b'Ability to Add and Verify Uncontrolled Mobile Numbers Leading to Account Takeover (ATO)'
04 Mar 2025
b'MTN Group'
disclosed a bug submitted by
b'hafiz-ng'
b'Broken Access Control leads to disclosure of transaction history via /v2/rechargeTransactionHistory endpoint'
02 Mar 2025
b'MTN Group'
disclosed a bug submitted by
b'tinopreter'
b'Admin Dashboard Access Leads to Updating Merchant Info'
02 Mar 2025
b'Autodesk'
disclosed a bug submitted by
b'the-white-evil'
b'Stored XSS via Post Tittle Enabling Non-Privileged User to Privileged User Exploitation on https://forums.autodesk.com/'
26 Feb 2025
b'AWS VDP'
disclosed a bug submitted by
b'nick_frichette_dd'
b'Non-Production API Endpoints for the Datazone Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration'
26 Feb 2025
b'PortSwigger Web Security'
disclosed a bug submitted by
b'iamunixtz'
b'Burp Suite extensions can execute arbitrary code'
26 Feb 2025
b'Sorare'
disclosed a bug submitted by
b'tinine'
b'Unsufficent input verification leads to DoS and resource consumption'
26 Feb 2025
b'GitLab'
disclosed a bug submitted by
b'asterion04'
b'Account Takeover via Password Reset without user interactions'
26 Feb 2025
b'AWS VDP'
disclosed a bug submitted by
b'nick_frichette_dd'
b'Amazon Comprehend Medical Service Reporting "AWS Internal" for CloudTrail Events Generated from FIPS Endpoints'
25 Feb 2025
1
2
3
4
...
724
BY DENIS WERNER - @NOBBD -
IMPRESSUM
