REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'0xelkot'
b'XSS on '
19 Aug 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'alyssa_herrera'
b'CUI labled and and Restricted intelligence '
19 Aug 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'fdeleite'
b'XSS due to CVE-2020-3580 [.mil]'
19 Aug 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'fdeleite'
b'S3 bucket listing/download'
19 Aug 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'whoisbinit'
b'[CVE-2021-29156 on ForgeRock OpenAm] LDAP Injection in Webfinger Protocol!'
19 Aug 2021
b'MTN Group'
disclosed a bug submitted by
b'ibrahimauwal__'
b'Email verification bypassed during sing up (https://developers.mtn.com/profile)'
19 Aug 2021
b'Glassdoor'
disclosed a bug submitted by
b'vestige23'
b'Reflected XSS on https://www.glassdoor.com/job-listing/spotlight'
19 Aug 2021
b'GitLab'
disclosed a bug submitted by
b'vovohelo'
b'Clipboard DOM-based XSS'
19 Aug 2021
b'Affirm'
disclosed a bug submitted by
b'ian'
b'Subdomain takeover of www.affirm.com'
18 Aug 2021
b'UPchieve'
disclosed a bug submitted by
b'4pag'
b'i can join without user and pass in this website https://argocd.upchieve.org/settings/accounts'
18 Aug 2021
b'MTN Group'
disclosed a bug submitted by
b'devhug'
b'CVE-2018-6389 exploitation - using scripts loader'
18 Aug 2021
b'R3'
disclosed a bug submitted by
b'aliyugombe'
b'No DMARC record at cordacon.com'
18 Aug 2021
b'Glovo'
disclosed a bug submitted by
b'celesian'
b'Reflected XSS on delivery.glovoapp.com'
18 Aug 2021
b'Acronis'
disclosed a bug submitted by
b'vovohelo'
b'Possible LDAP username and password disclosed on Github'
17 Aug 2021
b'Acronis'
disclosed a bug submitted by
b'amsda'
b'[acronis.secure.force.com] - Insecure Salesforce default/custom object permissions leads to information disclosure'
17 Aug 2021
b'Mail.ru'
disclosed a bug submitted by
b'savproga'
b'Blind XSS Stored and CORS misconfiguration "" top.mail.ru'
17 Aug 2021
b'MTN Group'
disclosed a bug submitted by
b'aliyugombe'
b'No rate limit in otp code sending'
16 Aug 2021
b'MTN Group'
disclosed a bug submitted by
b'aliyugombe'
b'No rate limit lead to otp brute forcing'
16 Aug 2021
b'Elastic'
disclosed a bug submitted by
b's1r1u5'
b'Prototype Pollution leads to XSS on https://blog.swiftype.com/#__proto__[asd]=alert(document.domain)'
16 Aug 2021
b'Brave Software'
disclosed a bug submitted by
b'sickcodes'
b'Brave Browser permanently timestamps & logs connection times for all v2 domains ~/.config/BraveSoftware/Brave-Browser/tor/data/tor.log'
16 Aug 2021
1
...
130
131
132
133
134
...
693
BY DENIS WERNER - @NOBBD -
IMPRESSUM