REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Acronis'
disclosed a bug submitted by
b'aapo'
b'Acronis True Image 2021 (windows) does not validate server hostname on a login TLS connection'
10 Aug 2021
b'UPchieve'
disclosed a bug submitted by
b'n1had'
b'Password reset token leak on third party website via Referer header'
10 Aug 2021
b'Basecamp'
disclosed a bug submitted by
b'blackbibin'
b'Login session not expire'
10 Aug 2021
b'Basecamp'
disclosed a bug submitted by
b'zofrex'
b'Insecure Bundler configuration fetching internal Gems (okra) from Rubygems.org'
10 Aug 2021
b'Basecamp'
disclosed a bug submitted by
b'blackbibin'
b'Password reset link not expiring after changing password in settings'
10 Aug 2021
b'HackerOne'
disclosed a bug submitted by
b'adhamsadaqah'
b'Tab nabbing in Hackerone inbox.'
09 Aug 2021
b'HackerOne'
disclosed a bug submitted by
b'iamr0000t'
b'PII data Leakage through hackerone reports '
09 Aug 2021
b'Acronis'
disclosed a bug submitted by
b'twvyy3vyaw8k'
b'Local privilege escalation via insecure MSI file'
07 Aug 2021
b'Nextcloud'
disclosed a bug submitted by
b'rtod'
b'Webauthn tokens are not removed on user deletion'
07 Aug 2021
b'Nextcloud'
disclosed a bug submitted by
b'rtod'
b'Virtual Data Room / Hide download on collabora is easy to bypass'
07 Aug 2021
b'Kubernetes'
disclosed a bug submitted by
b'j0v'
b'Loading YAML in Java client can lead to command execution'
07 Aug 2021
b'Mattermost'
disclosed a bug submitted by
b'shielder'
b'Mattermost Server OAuth Flow Cross-Site Scripting'
06 Aug 2021
b'Uber'
disclosed a bug submitted by
b'0xprial'
b'CVE-2020-3452 - unauthenticated file read on anyconnect.routematch.com'
05 Aug 2021
b'HackerOne'
disclosed a bug submitted by
b'tomvg'
b'Partial report contents leakage - via HTTP/2 concurrent stream handling'
05 Aug 2021
b'HackerOne'
disclosed a bug submitted by
b'sunil_yedla'
b'Private program disclosure through notifications'
05 Aug 2021
b'HackerOne'
disclosed a bug submitted by
b'frozensolid'
b"Mishandling of hackerone clear background checks resulting in disclosure of other hacker's information"
05 Aug 2021
b'Acronis'
disclosed a bug submitted by
b'aapo'
b'Acronis True Image (Windows) does not validate server certificate on a TLS connection'
05 Aug 2021
b'HackerOne'
disclosed a bug submitted by
b'none_of_the_above'
b'Internal Gitlab Ticket Disclosure via External Slack Channels'
04 Aug 2021
b'Snapchat'
disclosed a bug submitted by
b'sicarius'
b'Bypass Rate Limits on app.snapchat.com API Endpoint via X-Forwarded-For Header'
04 Aug 2021
b'MTN Group'
disclosed a bug submitted by
b'light4kira'
b'Disclosure of internal information using hidden NTLM authentication leading to an exploit server'
04 Aug 2021
1
...
134
135
136
137
138
...
694
BY DENIS WERNER - @NOBBD -
IMPRESSUM