Top 10 publishers:
bobrov: 117
geeknik: 80
linkks: 75
jobert: 70
sp1d3rs: 68
someonenobbd: 62
nyymi: 55
jon_bottarini: 49
haxta4ok00: 48
netfuzzer: 48
Now on Twitter: the unofficial HackerOne disclosure timeline.
U.S. Dept Of Defense disclosed a bug submitted by mrr0b0t2324: User automatically logged in as Sys Admin user on https:///Administration/Administration.aspx (03 Nov 2023)
FetLife disclosed a bug submitted by deepblue29: fetlife.com/signup_step_profile expose access_token of mapbox.com (01 Nov 2023)
TikTok disclosed a bug submitted by serverinspector: CRLF injection leads to internal XSS on PangleGlobal (31 Oct 2023)
PortSwigger Web Security disclosed a bug submitted by rexifylo: Title: Deceptive Manipulation of HTTP to HTTPS with VPN in Burp Suite (31 Oct 2023)
8x8 Bounty disclosed a bug submitted by pentestor: Stored xss at https://.8x8.com/api//ID (30 Oct 2023)
phpBB disclosed a bug submitted by shin24: Authenticated path traversal to Stored XSS and Denial-of-Service (29 Oct 2023)
HackerOne disclosed a bug submitted by light3r: Bypass report submit restriction/ban using the API key (29 Oct 2023)
Mozilla Critical Services disclosed a bug submitted by oja: Security bug https://bugzilla.mozilla.org/oauth/authorize - CRLF Header injection via "redirect_uri" parameter (28 Oct 2023)
Rockstar Games disclosed a bug submitted by sirr0n: Password and mail address stored unencrypted in memory - Rockstar Game Launcher (27 Oct 2023)
Internet Bug Bounty disclosed a bug submitted by happyhacking123: CVE-2023-40611: Apache Airflow Dag Runs Broken Access Control Vulnerability (27 Oct 2023)
Glassdoor disclosed a bug submitted by frankcadillac: Unauthorized Access to Deleted Interviews on Glassdoor Platform (27 Oct 2023)
Urban Dictionary disclosed a bug submitted by flashdisk: Race condition in up voting and down voting (27 Oct 2023)
Mozilla Core Services disclosed a bug submitted by astrounder: Possibility of Deface through translation tool - www.mozilla.com (27 Oct 2023)
Kubernetes disclosed a bug submitted by ginoah: RCE on ingress-nginx-controller via Ingress spec.rules.http.paths.path field (26 Oct 2023)
Mozilla Core Services disclosed a bug submitted by m4y4nk: Flickr API key leaked in GitHub commit (26 Oct 2023)
HackerOne disclosed a bug submitted by bebiks: Unreleased Hackerone Copilot is vulnerable to IDOR (25 Oct 2023)
Kubernetes disclosed a bug submitted by jkroepke: Code inject via nginx.ingress.kubernetes.io/permanent-redirect annotation (25 Oct 2023)
Lark Technologies disclosed a bug submitted by kongwenbin: Improper Access Control allows OTP bypass (25 Oct 2023)
TD Bank disclosed a bug submitted by allenshaji: Search input is vulnerable for XSS in qa.td.com and dev.td.com (25 Oct 2023)
Cloudflare Public Bug Bounty disclosed a bug submitted by suzuka: Accessing apps protected via ZT's Access when user account is deleted/disabled even after clearing user session/seat (25 Oct 2023)
BY DENIS WERNER - @NOBBD