REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Shopify'
disclosed a bug submitted by
b'scaramouche31'
b'Bypass a fix for report #708013'
07 Dec 2021
b'Open-Xchange'
disclosed a bug submitted by
b'afewgoats'
b'Guard WKS lookup: Evil WKS server forces connections to last forever'
07 Dec 2021
b'Rocket.Chat'
disclosed a bug submitted by
b'cyberasset'
b'Blind XSS'
07 Dec 2021
b'Evernote'
disclosed a bug submitted by
b'neolexsecurity'
b'Full read SSRF in www.evernote.com that can leak aws metadata and local file inclusion'
06 Dec 2021
b'Affirm'
disclosed a bug submitted by
b'xfiltrer'
b'IDOR to view order information of users and personal information'
06 Dec 2021
b'Shopify'
disclosed a bug submitted by
b'jaka_tingkir'
b'xss is triggered on your web'
06 Dec 2021
b'Shopify'
disclosed a bug submitted by
b'rhynorater'
b'[h1-2102] Wholesale - CSRF to Generate Invitation Token for a Customer and Move Customer to Invited Status'
06 Dec 2021
b'Paragon Initiative Enterprises'
disclosed a bug submitted by
b'kashifinfo90'
b'Recaptcha Secret key Leaked'
04 Dec 2021
b'Kubernetes'
disclosed a bug submitted by
b'libio'
b'Authenticated kubernetes principal with restricted permissions can retrieve ingress-nginx serviceaccount token and secrets across all namespaces'
04 Dec 2021
b'Shopify'
disclosed a bug submitted by
b'yinvi777'
b'Staff can use BULK_OPERATIONS_FINISH webhook topic using Graphql without permissions all'
04 Dec 2021
b'TikTok'
disclosed a bug submitted by
b'semsem123'
b'reflected xss on the path m.tiktok.com'
03 Dec 2021
b'TikTok'
disclosed a bug submitted by
b'lewaperbb'
b'IDOR the ability to view support tickets of any user on seller platform'
03 Dec 2021
b'Shopify'
disclosed a bug submitted by
b'c0rv4x'
b"[h1-2102] [Yaworski's Broskis] Suspected overcharge and chargebacks in PoS"
03 Dec 2021
b'Open-Xchange'
disclosed a bug submitted by
b'ihsinme'
b'access to stack memory beyond array boundaries'
03 Dec 2021
b'ownCloud'
disclosed a bug submitted by
b'ihsinme'
b'File System Monitoring Queue Overflow'
03 Dec 2021
b'Shopify'
disclosed a bug submitted by
b'hydraxanon82'
b'Ability to add address without being an admin or staff in the store via wholesale store'
03 Dec 2021
b'Shopify'
disclosed a bug submitted by
b'j0j0'
b'Unathorised access to admin endpoint on plus-website-staging5.shopifycloud.com'
03 Dec 2021
b'Slack'
disclosed a bug submitted by
b'oskarsv'
b'Stored XSS in files.slack.com'
02 Dec 2021
b'Shopify'
disclosed a bug submitted by
b'cthulhufhtagn'
b'Bypassing HTML filter in "Packing Slip Template" Lead to SSRF to Internal Kubernetes Endpoints'
02 Dec 2021
b'Glassdoor'
disclosed a bug submitted by
b'zonduu'
b'CSS injection via link tag whitelisted-domain bypass - https://www.glassdoor.com'
02 Dec 2021
1
...
111
112
113
114
115
...
693
BY DENIS WERNER - @NOBBD -
IMPRESSUM