REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
57
b'ooooooo_q'
50
b'jon_bottarini'
49
b'haxta4ok00'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'drauschkolb'
b'XSS Reflected - '
19 Jan 2022
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'h3xr'
b'Wrong settings in ADF Faces leads to information disclosure'
19 Jan 2022
b'Stripe'
disclosed a bug submitted by
b'gregxsunday'
b'User can pay using archived price by manipulating the request sent to `POST /v1/payment_pages/for_plink`'
19 Jan 2022
b'Recorded Future'
disclosed a bug submitted by
b'fornex'
b'Dom Xss vulnerability'
19 Jan 2022
b'Mail.ru'
disclosed a bug submitted by
b'ian'
b'Exposed Golang debugger on tier3.riot.mail.ru:9090, 9080'
19 Jan 2022
b'Urban Dictionary'
disclosed a bug submitted by
b'bemodtwz'
b'DOM XSS through ads'
18 Jan 2022
b'Automattic'
disclosed a bug submitted by
b'rockybandana'
b'SSRF & Blind XSS in Gravatar email '
17 Jan 2022
b'Palo Alto Software'
disclosed a bug submitted by
b'paramdham'
b' Clickjacking'
17 Jan 2022
b'Slack'
disclosed a bug submitted by
b'jub0bs'
b'Lack of URL normalization renders Blocked-Previews feature ineffectual'
16 Jan 2022
b'Lark Technologies'
disclosed a bug submitted by
b'imran_nisar'
b'In orginization stored xss using location (Larksuite survey app)'
14 Jan 2022
b'Lark Technologies'
disclosed a bug submitted by
b'imran_nisar'
b"Stored xss on helpdesk using user's city"
14 Jan 2022
b'IBM'
disclosed a bug submitted by
b'xyantix'
b'SQL Injection and plaintext passwords via User Search'
14 Jan 2022
b'Django'
disclosed a bug submitted by
b'scaramouche31'
b'Deserialization of potentially malicious data to RCE'
14 Jan 2022
b'Ruby'
disclosed a bug submitted by
b'sohaib619'
b'Bug Report : [ No Valid SPF Records ]'
13 Jan 2022
b'Adobe'
disclosed a bug submitted by
b'ismailmuh'
b'AEM forms XXE Vulnerability'
13 Jan 2022
b'Adobe'
disclosed a bug submitted by
b'letm3through'
b'Disclosure of github access token in config file via nignx off-by-slash'
13 Jan 2022
b'Lark Technologies'
disclosed a bug submitted by
b'imran_nisar'
b'Reflected xss and open redirect on larksuite.com using /?back_uri= parameter.'
13 Jan 2022
b'Lark Technologies'
disclosed a bug submitted by
b'imran_nisar'
b"[IDOR] Modify other team's reminders via reminderId parameter"
13 Jan 2022
b'Zenly'
disclosed a bug submitted by
b'yetanotherhacker'
b'Friend Request Flow Exposes User Data '
12 Jan 2022
b'Zenly'
disclosed a bug submitted by
b'yetanotherhacker'
b'Account Takeover via SMS Authentication Flow '
12 Jan 2022
1
...
129
130
131
132
133
...
718
BY DENIS WERNER - @NOBBD -
IMPRESSUM