Top10 publishers:
bobrov114 
linkks75 
geeknik72 
sp1d3rs62 
jobert57 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 
haxta4ok0037 

the unofficial HackerOne disclosure timeline.

X
Maker Ecosystem Growth Holding disclosed a bug submitted by losthacker 
Blind SSRF at https://chat.makerdao.com/account/profile
14 Apr 2020 timeline
Mail.ru disclosed a bug submitted by byq 
SSRF on fleet.city-mobil.ru leads to local file read
14 Apr 2020 timeline
Mail.ru disclosed a bug submitted by byq 
SSRF & LFR on city-mobil.ru
14 Apr 2020 timeline
Maker Ecosystem Growth Holding disclosed a bug submitted by 0xpegg 
[blog.makerdao.com] Multiple Vulnerabilities - Leads to leakage user admin sensitive exposure
14 Apr 2020 timeline
Mail.ru disclosed a bug submitted by act1on3 
[https://city-mobil.ru/taxiserv] Blind XSS into username
14 Apr 2020 timeline
Mail.ru disclosed a bug submitted by act1on3 
[panel.city-mobil.ru/admin/] Blind XSS into username
14 Apr 2020 timeline
Legal Robot disclosed a bug submitted by aninax 
Cloudflare issue: Error 521 Ray ID: 2e7ea7f706ea4056 • 2016-09-25 12:59:55 UTC Web server is down
13 Apr 2020 timeline
8x8 disclosed a bug submitted by sandrogauci 
Outdated Coturn is vulnerable to known vulnerabilities (High)
13 Apr 2020 timeline
Topcoder disclosed a bug submitted by bonikia97 
PII of Users Disclosure using "/members/invite/" endpoint
13 Apr 2020 timeline
Stripo Inc disclosed a bug submitted by doctor_spooky 
Unrestricted File Upload on https://my.stripo.email and https://stripo.email
13 Apr 2020 timeline
MTN Group disclosed a bug submitted by itsafolic1 
Account Take over of millions of MTN users account due to lack of Rate limiting when sending OTP code
13 Apr 2020 timeline
Zenly disclosed a bug submitted by ticzox 
Insecure Storage and Overly Permissive API Keys in Android App
12 Apr 2020 timeline
MTN Group disclosed a bug submitted by kcz 
OTP bypass - Unintended disclosure of OTP to client allows attacker to manage users' subscriptions
11 Apr 2020 timeline
BCM Messenger disclosed a bug submitted by dedsec69 
IDOR leading to downloading of any attachment
11 Apr 2020 timeline
8x8 disclosed a bug submitted by adam99 
Insecure OAuth redirection at [admin.8x8.vc]
10 Apr 2020 timeline
Nextcloud disclosed a bug submitted by jlord87 
User can delete data in shared folders he's not autorized to access
10 Apr 2020 timeline
Ubiquiti Inc. disclosed a bug submitted by giany 
Unauthenticated request allows changing hostname
10 Apr 2020 timeline
Nextcloud disclosed a bug submitted by protex0r 
Code injection in macOS Desktop Client
10 Apr 2020 timeline
Nextcloud disclosed a bug submitted by at5djl3pwjmunyutnoatp 
"Secure View" aka "Hide Download" can be bypassed easily
10 Apr 2020 timeline
Stripo Inc disclosed a bug submitted by c1kada 
SSRF in Export template to ActiveCampaign
10 Apr 2020 timeline
1 ... 11 12 13 14 15 ... 434
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM