REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
56
b'ooooooo_q'
50
b'jon_bottarini'
49
b'haxta4ok00'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'HackerOne'
disclosed a bug submitted by
b'raymatp'
b'2FA requirement bypass when claiming bounty '
11 Jul 2024
b'HackerOne'
disclosed a bug submitted by
b'xklepxn'
b'Improper Authentication - 2FA OTP Reusable'
11 Jul 2024
b'HackerOne'
disclosed a bug submitted by
b'011alsanosi'
b'Bypassing Two-Factor Authentication via Account Deactivation and Password Reset'
11 Jul 2024
b'HackerOne'
disclosed a bug submitted by
b'abdulprkr'
b'Business Logic error leads to bypass 2FA requirement '
11 Jul 2024
b'HackerOne'
disclosed a bug submitted by
b'a_kos'
b'Hackers can Invite Collaborators Without 2FA on Programs Requiring 2FA'
11 Jul 2024
b'HackerOne'
disclosed a bug submitted by
b'noob_but_cut3'
b'TOTP Authenticator implementation Accepts Expired Codes'
11 Jul 2024
b'Rocket.Chat'
disclosed a bug submitted by
b'itssixtynein'
b'Rocket.Chat Desktop client fails to open browser on 3rd party external actions from PDF documents'
11 Jul 2024
b'LY Corporation'
disclosed a bug submitted by
b'yinmo'
b'File sizes may be manipulated into negative numbers when uploading'
10 Jul 2024
b'LY Corporation'
disclosed a bug submitted by
b'nightm4re'
b'XSS on LINE CAREERS'
10 Jul 2024
b'Basecamp'
disclosed a bug submitted by
b'fr4via'
b"Path traversal in deeplink query parameter can expose any user's private info to a public directory (one click)"
09 Jul 2024
b'Basecamp'
disclosed a bug submitted by
b'fr4via'
b'Navgraph confusion allows any 3p app to send and read requests from the server at app.hey.com'
09 Jul 2024
b'Node.js'
disclosed a bug submitted by
b'haxatron1'
b'fs.lstat bypasses permission model'
09 Jul 2024
b'Node.js'
disclosed a bug submitted by
b'tianst'
b'Bypass incomplete fix of CVE-2024-27980'
09 Jul 2024
b'Node.js'
disclosed a bug submitted by
b'4xpl0r3r'
b'fs.fchown/fchmod bypasses permission model'
09 Jul 2024
b'Node.js'
disclosed a bug submitted by
b'dittyroma'
b'Bypass network import restriction via data URL'
08 Jul 2024
b'Flickr'
disclosed a bug submitted by
b'fr4via'
b'Incorrect Deep-link validation leading to unresponsive application and device'
06 Jul 2024
b'Flickr'
disclosed a bug submitted by
b'0xcyborg'
b'IDOR may allow access to non-public photos'
06 Jul 2024
b'Automattic'
disclosed a bug submitted by
b'xurizaemon0'
b'Authentication & Registration Bypass in Newspack Extended Access'
05 Jul 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'devme4f'
b'CVE-2024-34750 Apache Tomcat DoS vulnerability in HTTP/2 connector'
05 Jul 2024
b'TikTok'
disclosed a bug submitted by
b'zhyar_11011'
b'Authentication Bypass on TikTok Seller Signup Process Allows Account Creation Without Phone Verification'
03 Jul 2024
1
...
16
17
18
19
20
...
717
BY DENIS WERNER - @NOBBD -
IMPRESSUM