REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
56
b'ooooooo_q'
50
b'jon_bottarini'
49
b'haxta4ok00'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'MTN Group'
disclosed a bug submitted by
b'renzi'
b'Remote code injection in Log4j on http://mtn1app.mtncameroon.net - CVE-2021-44228'
24 Aug 2024
b'MTN Group'
disclosed a bug submitted by
b'renzi'
b'Cross-site Scripting (XSS) - Reflected on https://api.mtn.sd/carbon/admin/login.jsp via `msgId` parameter - CVE-2020-17453'
24 Aug 2024
b'MTN Group'
disclosed a bug submitted by
b'renzi'
b'Cross-site Scripting (XSS) - Reflected on http://callertunez.mtn.com.gh/wap/noauth/sharedetail.ftl via `callback` parameter '
24 Aug 2024
b'MTN Group'
disclosed a bug submitted by
b'renzi'
b'Cross-site Scripting (XSS) - Reflected on http://h1b4e.n2.ips.mtn.co.ug:8080 via Nginx-module'
24 Aug 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'mprogrammer'
b'[CVE-2024-35176] DoS vulnerability in REXML'
23 Aug 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'l33thaxor'
b'CVE-2024-38875: Denial-Of-Service through uncontrolled resource consumption caused by poor time complexity of strip_punctuation .'
23 Aug 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'z2_'
b'libcurl: freeing stack buffer during x509 certificate parsing '
23 Aug 2024
b'MTN Group'
disclosed a bug submitted by
b'renzi'
b'Reflected Cross Site Scripting Cisco ASA on myvpn.mtncameroon.net CVE-2020-3580'
23 Aug 2024
b'Drugs.com'
disclosed a bug submitted by
b'mersenne'
b'Cross-site Scripting (XSS) - Reflected'
21 Aug 2024
b'GitHub'
disclosed a bug submitted by
b'astrounder'
b'Source Code and data exfiltration via Github Copilot'
19 Aug 2024
b'MTN Group'
disclosed a bug submitted by
b'impozzible'
b'FULL ACCOUNT TAKEOVER'
17 Aug 2024
b'IBM'
disclosed a bug submitted by
b'cyber_punk'
b'jazz.net - publicly accessible .svn repositories'
16 Aug 2024
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'prakhar0x01'
b'Cross Site Scripting'
16 Aug 2024
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'steveflex'
b'Course Registration Form Allowing an attacker to dump all the candidate name who had enrolled for the course'
16 Aug 2024
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'socpuppet'
b'DoD workstation exposed to internet via TinyPilot KVM with no authentication'
16 Aug 2024
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'sp1d3rs'
b'Blind Stored XSS on the internal host - '
16 Aug 2024
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'sp1d3rs'
b'Unauthenticated arbitrary file upload on the https:/// ()'
16 Aug 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'orange'
b'moderate: Apache HTTP Server: mod_rewrite proxy handler substitution (CVE-2024-39573) CWE-20 Improper Input Validation'
12 Aug 2024
b'RATELIMITED'
disclosed a bug submitted by
b'fdeleite'
b'Subdomain takeover in GitLab Pages [george.ratelimited.me]'
11 Aug 2024
b'Rocket.Chat'
disclosed a bug submitted by
b'gronke'
b'XSS via /api/v1/chat.postMessage '
10 Aug 2024
1
...
10
11
12
13
14
...
717
BY DENIS WERNER - @NOBBD -
IMPRESSUM