REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
84
b'linkks'
75
b'jobert'
70
b'nyymi'
64
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'U.S. General Services Administration'
disclosed a bug submitted by
b'alexandrio'
b'[Transportation Management Services Solution 2.0] Improper authorization at tmss.gsa.gov leads to data exposure of all registered users'
08 Dec 2021
b'Semrush'
disclosed a bug submitted by
b'rivalsec'
b"php info file and sql backup at vendor's subdomain"
08 Dec 2021
b'QIWI'
disclosed a bug submitted by
b'avolume'
b'Account Takeover through registration to the same email address'
08 Dec 2021
b'Mail.ru'
disclosed a bug submitted by
b'0xd0ff9'
b'[allods.mail.ru] - WebCache Poisoning Host Header lead to Potential Stored XSS'
08 Dec 2021
b'UPchieve'
disclosed a bug submitted by
b'jupiter-47'
b'CORS origin validation failure'
07 Dec 2021
b'UPchieve'
disclosed a bug submitted by
b'anas_44'
b'Authentication Bypass - Email Verification code bypass in account registration process.'
07 Dec 2021
b'Shopify'
disclosed a bug submitted by
b'scaramouche31'
b'Bypass a fix for report #708013'
07 Dec 2021
b'Open-Xchange'
disclosed a bug submitted by
b'afewgoats'
b'Guard WKS lookup: Evil WKS server forces connections to last forever'
07 Dec 2021
b'Rocket.Chat'
disclosed a bug submitted by
b'cyberasset'
b'Blind XSS'
07 Dec 2021
b'Evernote'
disclosed a bug submitted by
b'neolexsecurity'
b'Full read SSRF in www.evernote.com that can leak aws metadata and local file inclusion'
06 Dec 2021
b'Affirm'
disclosed a bug submitted by
b'xfiltrer'
b'IDOR to view order information of users and personal information'
06 Dec 2021
b'Shopify'
disclosed a bug submitted by
b'jaka_tingkir'
b'xss is triggered on your web'
06 Dec 2021
b'Shopify'
disclosed a bug submitted by
b'rhynorater'
b'[h1-2102] Wholesale - CSRF to Generate Invitation Token for a Customer and Move Customer to Invited Status'
06 Dec 2021
b'Paragon Initiative Enterprises'
disclosed a bug submitted by
b'kashifinfo90'
b'Recaptcha Secret key Leaked'
04 Dec 2021
b'Kubernetes'
disclosed a bug submitted by
b'libio'
b'Authenticated kubernetes principal with restricted permissions can retrieve ingress-nginx serviceaccount token and secrets across all namespaces'
04 Dec 2021
b'Shopify'
disclosed a bug submitted by
b'yinvi777'
b'Staff can use BULK_OPERATIONS_FINISH webhook topic using Graphql without permissions all'
04 Dec 2021
b'TikTok'
disclosed a bug submitted by
b'semsem123'
b'reflected xss on the path m.tiktok.com'
03 Dec 2021
b'TikTok'
disclosed a bug submitted by
b'lewaperbb'
b'IDOR the ability to view support tickets of any user on seller platform'
03 Dec 2021
b'Shopify'
disclosed a bug submitted by
b'c0rv4x'
b"[h1-2102] [Yaworski's Broskis] Suspected overcharge and chargebacks in PoS"
03 Dec 2021
b'Open-Xchange'
disclosed a bug submitted by
b'ihsinme'
b'access to stack memory beyond array boundaries'
03 Dec 2021
1
...
159
160
161
162
163
...
742
BY DENIS WERNER - @NOBBD -
IMPRESSUM
