REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'GitHub Security Lab'
disclosed a bug submitted by
b'someonenobbd'
b'[Java] CWE-759: Query to detect password hash without a salt'
12 Apr 2021
b'Stripo Inc'
disclosed a bug submitted by
b'0x6964696f74'
b'Stored XSS at Module Name'
12 Apr 2021
b'Mail.ru'
disclosed a bug submitted by
b'kiriknik'
b'Blind SSRF on [relap.io]'
12 Apr 2021
b'Zivver'
disclosed a bug submitted by
b'irfan07'
b'Cross-site Scripting (XSS) - Reflected'
12 Apr 2021
b'DuckDuckGo'
disclosed a bug submitted by
b'pmoc'
b'Reflected/Stored XSS on duckduckgo.com'
10 Apr 2021
b'Mail.ru'
disclosed a bug submitted by
b'dennisleo6'
b'read new emails from any inbox IOS APP in notification center'
10 Apr 2021
b'Mail.ru'
disclosed a bug submitted by
b'chutchut'
b'Local SQL Injection in Content Provider (ru.mail.data.contact.ContactsProvider) of Mail.ru for Android, version 12.2.0.29734'
10 Apr 2021
b'U.S. General Services Administration'
disclosed a bug submitted by
b'amannnnnnnnnnnnnnn'
b'CRLF INJECTION '
10 Apr 2021
b'Uber'
disclosed a bug submitted by
b'm4ll0x0k'
b'Exposedin apk file - devbuilds.uber.com'
09 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'bendtheory'
b'XSS at https://www.glassdoor.com/Salary/* via filter.jobTitleExact'
09 Apr 2021
b'VK.com'
disclosed a bug submitted by
b'manaenckov'
b'Open Redirect VKMA'
09 Apr 2021
b'VK.com'
disclosed a bug submitted by
b'onlymalelove'
b' vk.com. ( , .)'
09 Apr 2021
b'Shopify'
disclosed a bug submitted by
b'fatal0'
b'XSS at https://exchangemarketplace.com/blogsearch'
09 Apr 2021
b'Shopify'
disclosed a bug submitted by
b'g4mm4'
b'https://themes.shopify.com::: Host header web cache poisoning lead to DoS'
08 Apr 2021
b'Shopify'
disclosed a bug submitted by
b'francisbeaudoin'
b"[h1-2102] Partner's team member with no permission can retrieve services financial data"
08 Apr 2021
b'Shopify'
disclosed a bug submitted by
b'ramsexy'
b"[h1-2102] [Yaworski's Broskis] Low privilege user can read POS PINs via graphql and elevate his privilege"
08 Apr 2021
b'Shopify'
disclosed a bug submitted by
b'luc1d'
b'Stored XSS on apps.shopify.com'
08 Apr 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'skarsom'
b'Sending trusted and emails through public API endpoint in site'
08 Apr 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'skarsom'
b'RCE in subdomain via CVE-2017-1000486'
08 Apr 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'skarsom'
b'IDOR on https:// via POST UID enables database scraping'
08 Apr 2021
1
...
162
163
164
165
166
...
694
BY DENIS WERNER - @NOBBD -
IMPRESSUM