REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
84
b'linkks'
75
b'jobert'
70
b'nyymi'
67
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Reddit'
disclosed a bug submitted by
b'lu3ky-13'
b'Open Redirect on www.redditinc.com via `failed` query param bypass after fixed bug #1257753'
30 Sep 2022
b'Reddit'
disclosed a bug submitted by
b'criptex'
b'IDOR allows an attacker to modify the links of any user'
30 Sep 2022
b'Reddit'
disclosed a bug submitted by
b'heckintosh'
b'Unrestricted File Upload on reddit.secure.force.com'
30 Sep 2022
b'Cloudflare Public Bug Bounty'
disclosed a bug submitted by
b'path_network'
b'Lack of Packet Sanitation in Goflow Results in Multiple DoS Attack Vectors and Bugs'
30 Sep 2022
b'Cloudflare Public Bug Bounty'
disclosed a bug submitted by
b'lohigowda'
b'Password Policy Restriction Bypass'
30 Sep 2022
b'Flickr'
disclosed a bug submitted by
b'stevejubs'
b'Open Redirect'
29 Sep 2022
b'Yelp'
disclosed a bug submitted by
b'irfadps'
b'no rate limit in forgot password session'
29 Sep 2022
b'Judge.me '
disclosed a bug submitted by
b'penguinshelp'
b'XSS in Widget Review Form Preview in settings'
29 Sep 2022
b'Slack'
disclosed a bug submitted by
b'security_warrior'
b'CSV export/import functionality allows administrators to modify member and message content of a workspace'
28 Sep 2022
b'Cloudflare Public Bug Bounty'
disclosed a bug submitted by
b'albertspedersen'
b'Take over subdomains of r2.dev using R2 custom domains'
28 Sep 2022
b'Node.js'
disclosed a bug submitted by
b'zeyu2001'
b'DNS rebinding in --inspect (insufficient fix of CVE-2022-32212 affecting macOS devices)'
28 Sep 2022
b'Yelp'
disclosed a bug submitted by
b'raja404'
b'Server-side request forgery (ssrf)'
28 Sep 2022
b'8x8'
disclosed a bug submitted by
b'rajauzairabdullah'
b'Directory Listing vulnerability on .packet8.net/php/include/'
28 Sep 2022
b'Yelp'
disclosed a bug submitted by
b'qualwin3001'
b'CORS Misconfiguration on Yelp'
28 Sep 2022
b'Yelp'
disclosed a bug submitted by
b'er_salil'
b'password field autocomplete enabled'
27 Sep 2022
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'thpless'
b'insecure gitlab repositories at [HtUS]'
27 Sep 2022
b'Reddit'
disclosed a bug submitted by
b'criptex'
b'XSS Reflected on reddit.com via url path'
27 Sep 2022
b'Adobe'
disclosed a bug submitted by
b'gdattacker'
b'Main Domain Takeover at https://www.marketo.net/'
26 Sep 2022
b'MTN Group'
disclosed a bug submitted by
b'possowski'
b'Reflected xss on videostore.mtnonline.com'
25 Sep 2022
b'Internet Bug Bounty'
disclosed a bug submitted by
b'haxatron1'
b'[CVE-2022-35949]: undici.request vulnerable to SSRF using absolute / protocol-relative URL on pathname '
23 Sep 2022
1
...
130
131
132
133
134
...
759
BY DENIS WERNER - @NOBBD -
IMPRESSUM
