Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'64 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'MTN Group' disclosed a bug submitted by b'dh0pe' 
b'Sensitive Information Disclosure Through Config File'
01 Sep 2022 timeline
b'MTN Group' disclosed a bug submitted by b'dh0pe' 
b'Default Admin Username and Password on remedysso.mtncameroon.net'
01 Sep 2022 timeline
b'MTN Group' disclosed a bug submitted by b'ibrahimatix0x01' 
b'Password reset token leak on third party website via Referer header [cloudivr.mtnbusiness.com.ng]'
01 Sep 2022 timeline
b'MTN Group' disclosed a bug submitted by b'aliyugombe' 
b'Remote code execution due to unvalidated file upload'
01 Sep 2022 timeline
b'Adobe' disclosed a bug submitted by b'aneeeketh' 
b'API Key reported in #1465145 not rotated and thus is still valid and can be used by anyone'
01 Sep 2022 timeline
b'Hyperledger' disclosed a bug submitted by b'fatal0' 
b'Remote denial of service in HyperLedger Fabric'
01 Sep 2022 timeline
b'Acronis' disclosed a bug submitted by b'mrccrqr' 
b'Any expired reset password link can still be used to reset the password'
01 Sep 2022 timeline
b'Snapchat' disclosed a bug submitted by b'mahfujwhh' 
b'Password reset tokens sent to CSP reporting endpoints'
31 Aug 2022 timeline
b'Cloudflare Public Bug Bounty' disclosed a bug submitted by b'motu-vai' 
b'Enable 2Fa verification without verifying email leads account takeover'
31 Aug 2022 timeline
b'curl' disclosed a bug submitted by b'haxatron1' 
b'CVE-2022-35252: control code in cookie denial of service'
31 Aug 2022 timeline
b'Cloudflare Public Bug Bounty' disclosed a bug submitted by b'lohigowda' 
b'Blind SSRF on platform.dash.cloudflare.com Due to Sentry misconfiguration'
31 Aug 2022 timeline
b'TikTok' disclosed a bug submitted by b'fransrosen' 
b"TikTok's pixel/sdk.js leaks current URL from websites using postMessage"
30 Aug 2022 timeline
b'Palo Alto Software' disclosed a bug submitted by b'zer0code' 
b'weak protection against brute-forcing on login api leads to account takeover '
29 Aug 2022 timeline
b'LinkedIn' disclosed a bug submitted by b'naaash' 
b'Privilege Escalation - "Analyst" Role Can View Email Domains of a Company - [GET /voyager/api/voyagerOrganizationDashEmailDomainMappings]'
26 Aug 2022 timeline
b'GitLab' disclosed a bug submitted by b'mega7' 
b'Unauthorized access'
25 Aug 2022 timeline
b'Stripo Inc' disclosed a bug submitted by b'deb0con' 
b'Non-revoked API Key Information disclosure via Stripo_report()'
25 Aug 2022 timeline
b'MTN Group' disclosed a bug submitted by b'theranger' 
b'Default Login Credentials on https://broadbandmaps.mtn.com.gh/ '
25 Aug 2022 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'albinowax' 
b'Pause-based desync in Apache HTTPD'
25 Aug 2022 timeline
b'Nord Security' disclosed a bug submitted by b'bashketchum' 
b'NordVPN Linux Client - Unsafe service file permissions leads to Local Privilege Escalation'
24 Aug 2022 timeline
b'Sony' disclosed a bug submitted by b'leo_rac' 
b'Reflected XSS on pages.email.sel.sony.com/page.aspx via jobid parameter'
24 Aug 2022 timeline
1 ... 119 120 121 122 123 ... 742
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM