REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'TikTok'
disclosed a bug submitted by
b'gnux'
b'Lack of session expiration after password reset on TikTok Careers Portal'
03 Mar 2021
b'Lark Technologies'
disclosed a bug submitted by
b'imran_nisar'
b"User with single department permission can view applicant list of all department's"
03 Mar 2021
b'Algolia'
disclosed a bug submitted by
b'h4x0r_dz'
b'Information disclosure via a misconfigured third-party product'
03 Mar 2021
b'Mail.ru'
disclosed a bug submitted by
b'chaosbolt'
b'SDC bypass cloud.mail.ru for every /api/v3/* endpoint.'
02 Mar 2021
b'h1-ctf'
disclosed a bug submitted by
b'archerl'
b'Grinchs website takendown with various other exploits'
02 Mar 2021
b'h1-ctf'
disclosed a bug submitted by
b'luminougat'
b'hackyholidays CTF Writeup'
02 Mar 2021
b'Rockset'
disclosed a bug submitted by
b'afsec'
b'Leaking Rockset API key on Github'
02 Mar 2021
b'Rockstar Games'
disclosed a bug submitted by
b'gevakun'
b'Minor Account Privacy can Set to Everyone.'
02 Mar 2021
b'Stripo Inc'
disclosed a bug submitted by
b'3x3s'
b'Memory Dump and Env Disclosure via Spring Boot Actuator'
02 Mar 2021
b'Dropbox'
disclosed a bug submitted by
b'jackb898'
b'Coupon codes indexed by Google'
01 Mar 2021
b'Grammarly'
disclosed a bug submitted by
b'fransrosen'
b'Config override using non-validated query parameter allows at least reflected XSS by injecting configuration into state'
01 Mar 2021
b'Mail.ru'
disclosed a bug submitted by
b'secator'
b'[xss] setTheme ajax_attach_action'
01 Mar 2021
b'Mail.ru'
disclosed a bug submitted by
b'secator'
b'[xss] url '
01 Mar 2021
b'Mail.ru'
disclosed a bug submitted by
b'secator'
b'[xss] passrestore m/touch/tel'
01 Mar 2021
b'Mail.ru'
disclosed a bug submitted by
b'0ang3el'
b'XXE webdav.mail.ru - PROPFIND/PROPPATCH'
01 Mar 2021
b'Mail.ru'
disclosed a bug submitted by
b'0ang3el'
b'Blind SSRF calendar.mail.ru '
01 Mar 2021
b'Nextcloud'
disclosed a bug submitted by
b'alexanderhofstaetter'
b'Acting under any different user via DB-stored credentials'
01 Mar 2021
b'Nextcloud'
disclosed a bug submitted by
b'yzy9951'
b'Reflected XSS when renaming a file with a vulnerable name which results in an error'
01 Mar 2021
b'Nextcloud'
disclosed a bug submitted by
b'alacn1'
b'External storage app saves password for all users in the database'
01 Mar 2021
b'Xiaomi'
disclosed a bug submitted by
b'l1ack3d'
b'CORS Misconfiguration, could lead to disclosure of users information'
01 Mar 2021
1
...
172
173
174
175
176
...
693
BY DENIS WERNER - @NOBBD -
IMPRESSUM