REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Stripe'
disclosed a bug submitted by
b'gregxsunday'
b'User can pay using archived price by manipulating the request sent to `POST /v1/payment_pages/for_plink`'
19 Jan 2022
b'Recorded Future'
disclosed a bug submitted by
b'fornex'
b'Dom Xss vulnerability'
19 Jan 2022
b'Mail.ru'
disclosed a bug submitted by
b'ian'
b'Exposed Golang debugger on tier3.riot.mail.ru:9090, 9080'
19 Jan 2022
b'Urban Dictionary'
disclosed a bug submitted by
b'bemodtwz'
b'DOM XSS through ads'
18 Jan 2022
b'Automattic'
disclosed a bug submitted by
b'rockybandana'
b'SSRF & Blind XSS in Gravatar email '
17 Jan 2022
b'Palo Alto Software'
disclosed a bug submitted by
b'paramdham'
b' Clickjacking'
17 Jan 2022
b'Slack'
disclosed a bug submitted by
b'jub0bs'
b'Lack of URL normalization renders Blocked-Previews feature ineffectual'
16 Jan 2022
b'Lark Technologies'
disclosed a bug submitted by
b'imran_nisar'
b'In orginization stored xss using location (Larksuite survey app)'
14 Jan 2022
b'Lark Technologies'
disclosed a bug submitted by
b'imran_nisar'
b"Stored xss on helpdesk using user's city"
14 Jan 2022
b'IBM'
disclosed a bug submitted by
b'xyantix'
b'SQL Injection and plaintext passwords via User Search'
14 Jan 2022
b'Django'
disclosed a bug submitted by
b'scaramouche31'
b'Deserialization of potentially malicious data to RCE'
14 Jan 2022
b'Ruby'
disclosed a bug submitted by
b'sohaib619'
b'Bug Report : [ No Valid SPF Records ]'
13 Jan 2022
b'Adobe'
disclosed a bug submitted by
b'ismailmuh'
b'AEM forms XXE Vulnerability'
13 Jan 2022
b'Adobe'
disclosed a bug submitted by
b'letm3through'
b'Disclosure of github access token in config file via nignx off-by-slash'
13 Jan 2022
b'Lark Technologies'
disclosed a bug submitted by
b'imran_nisar'
b'Reflected xss and open redirect on larksuite.com using /?back_uri= parameter.'
13 Jan 2022
b'Lark Technologies'
disclosed a bug submitted by
b'imran_nisar'
b"[IDOR] Modify other team's reminders via reminderId parameter"
13 Jan 2022
b'Zenly'
disclosed a bug submitted by
b'yetanotherhacker'
b'Friend Request Flow Exposes User Data '
12 Jan 2022
b'Zenly'
disclosed a bug submitted by
b'yetanotherhacker'
b'Account Takeover via SMS Authentication Flow '
12 Jan 2022
b'Nord Security'
disclosed a bug submitted by
b'paramdham'
b'CSRF to change password'
12 Jan 2022
b'Gener8'
disclosed a bug submitted by
b'paramdham'
b'Clickjacking to change email address'
12 Jan 2022
1
...
104
105
106
107
108
...
693
BY DENIS WERNER - @NOBBD -
IMPRESSUM