REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Acronis'
disclosed a bug submitted by
b'technical_junkie'
b'No Rate Limit On Forgot Password Page'
09 Jul 2021
b'Twitter'
disclosed a bug submitted by
b'iambouali'
b"Blind XSS on Twitter's internal Big Data panel at "
09 Jul 2021
b'Uber'
disclosed a bug submitted by
b'healdb'
b'API on campus-vtc.com allows access to ~100 Uber users full names, email addresses and telephone numbers.'
08 Jul 2021
b'Khan Academy'
disclosed a bug submitted by
b'lucenaxpl0it'
b'Bypass the fix of report #1078283 due to poor validation'
08 Jul 2021
b'Shopify'
disclosed a bug submitted by
b'jmp_35p'
b'Add new managed stores without permission'
08 Jul 2021
b'Shopify'
disclosed a bug submitted by
b'superbsic'
b'Removing parts of URL from jQuery request exposes links for download of Paid Digital Assets of the most recent Order placed by anyone on the store!'
08 Jul 2021
b'Ruby'
disclosed a bug submitted by
b'chinarulezzz'
b'lib/net/ftp.rb: trusting PASV responses allow client abuse'
08 Jul 2021
b'Ruby'
disclosed a bug submitted by
b'chinarulezzz'
b'imap: StartTLS stripping attack (CVE-2016-0772).'
08 Jul 2021
b'Brave Software'
disclosed a bug submitted by
b'neeythann'
b'DNS Leaks when using any VPN Browser extension with Brave Shield enabled'
08 Jul 2021
b'HackerOne'
disclosed a bug submitted by
b'recon_ninja'
b'New link opening method makes hackerone vulnerable to tabnabbing'
07 Jul 2021
b'HackerOne'
disclosed a bug submitted by
b'whhackersbr'
b'Slack integration setup lacks CSRF protection'
07 Jul 2021
b'LINE'
disclosed a bug submitted by
b'hulkvision_'
b'Theft of arbitrary files in LINE Lite client for Android'
06 Jul 2021
b'QIWI'
disclosed a bug submitted by
b'shell_c0de'
b'[QIWI Wallet] Access to protected app components '
06 Jul 2021
b'New Relic'
disclosed a bug submitted by
b'bbunnny'
b'Verification Link not expiring leading to Account Takeover.'
05 Jul 2021
b'LINE'
disclosed a bug submitted by
b'alexbirsan'
b'Arbitrary Code Execution via npm misconfiguration installing internal libraries from the public registry'
05 Jul 2021
b'Node.js'
disclosed a bug submitted by
b'ericsesterhenn'
b'OOB read in libuv'
05 Jul 2021
b'LINE'
disclosed a bug submitted by
b's5s'
b'Webview in LINE client for iOS will render application/octet-stream files as HTML'
05 Jul 2021
b'New Relic'
disclosed a bug submitted by
b'ashmek'
b'Account takeover by using abandoned email id of victim which has already been changed to new by victim himself on one.newrelic.com'
02 Jul 2021
b'Node.js'
disclosed a bug submitted by
b'deepsurface-robert'
b'Node Installer Local Privilege Escalation '
01 Jul 2021
b'Nextcloud'
disclosed a bug submitted by
b'sjw'
b'Ratelimiting can be bypassed using IPv6 subnets'
01 Jul 2021
1
...
138
139
140
141
142
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM