REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
83
b'linkks'
75
b'jobert'
70
b'nyymi'
62
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Yelp'
disclosed a bug submitted by
b'happykira0x1'
b'xmlrpc file enabled'
16 Jun 2022
b'curl'
disclosed a bug submitted by
b'iylz'
b'curl "globbing" can lead to denial of service attacks'
16 Jun 2022
b'Reddit'
disclosed a bug submitted by
b'marvelmaniac'
b'CSRF (protection bypassed) to force a below 18 user into viewing an nsfw subreddit !'
16 Jun 2022
b'TikTok'
disclosed a bug submitted by
b'aidilarf_2000'
b'Stored XSS on TikTok Live Form'
16 Jun 2022
b'LinkedIn'
disclosed a bug submitted by
b'sachinrajput'
b'Rate limit Bypass on contact-us through IP Rotator (burp extension)(https://www.linkedin.com/help/linkedin/solve/contact)'
15 Jun 2022
b'Twitter'
disclosed a bug submitted by
b'saiful6601'
b'Delete direct message history without access the proper conversation_id'
15 Jun 2022
b'Twitter'
disclosed a bug submitted by
b'max2x'
b"Remote 0click exfiltration of Safari user's IP address"
15 Jun 2022
b'LinkedIn'
disclosed a bug submitted by
b'suryasnn'
b'The software does not implement sufficient measures to prevent multiple failed authentication attempts within in a short time frame, making it more su'
15 Jun 2022
b'GitHub Security Lab'
disclosed a bug submitted by
b'porcupineyhairs'
b'Golang : Add Query To Detect PAM Authorization Bugs'
15 Jun 2022
b'GitHub Security Lab'
disclosed a bug submitted by
b'porcupineyhairs'
b'Golang : Hardcoded secret used for signing JWT'
15 Jun 2022
b'GitHub Security Lab'
disclosed a bug submitted by
b'ihsinme'
b'CPP: Add query for CWE-243 Creation of chroot Jail Without Changing Working Directory'
15 Jun 2022
b'UPchieve'
disclosed a bug submitted by
b'011alsanosi'
b'Hyper Link Injection while signup '
15 Jun 2022
b'Acronis'
disclosed a bug submitted by
b'mega7'
b'HTML Injection in E-mail'
14 Jun 2022
b'Acronis'
disclosed a bug submitted by
b'ub3rsick'
b'Reflected Cross Site Scripting at ColdFusion Debugging Panel http://www.grouplogic.com/CFIDE/debug/cf_debugFr.cfm'
14 Jun 2022
b'Acronis'
disclosed a bug submitted by
b'ub3rsick'
b'Reflected Cross Site Scripting at http://www.grouplogic.com/files/glidownload/verify3.asp [Uppercase Filter Bypass]'
14 Jun 2022
b'Ruby on Rails'
disclosed a bug submitted by
b'windshock'
b'Rails::Html::SafeListSanitizer vulnerable to xss attack in an environment that allows the style tag'
14 Jun 2022
b'Showmax'
disclosed a bug submitted by
b'saidkira'
b'lack of rate limit on athentification login page & forgot password page'
13 Jun 2022
b'UPchieve'
disclosed a bug submitted by
b'dark_haxor'
b'All user password hash can be seen from admin panel'
11 Jun 2022
b'Internet Bug Bounty'
disclosed a bug submitted by
b'haxatron1'
b'CVE-2022-30115: HSTS bypass via trailing dot'
11 Jun 2022
b'Internet Bug Bounty'
disclosed a bug submitted by
b'haxatron1'
b'CVE-2022-27780: percent-encoded path separator in URL host'
11 Jun 2022
1
...
125
126
127
128
129
...
738
BY DENIS WERNER - @NOBBD -
IMPRESSUM
