REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Glassdoor'
disclosed a bug submitted by
b'frankcadillac'
b'Unauthorized Access to Deleted Interviews on Glassdoor Platform'
27 Oct 2023
b'Urban Dictionary'
disclosed a bug submitted by
b'flashdisk'
b'Race condition in up voting and down voting'
27 Oct 2023
b'Mozilla Core Services'
disclosed a bug submitted by
b'astrounder'
b'Possibility of Deface through translation tool - www.mozilla.com'
27 Oct 2023
b'Kubernetes'
disclosed a bug submitted by
b'ginoah'
b'RCE on ingress-nginx-controller via Ingress spec.rules.http.paths.path field'
26 Oct 2023
b'Mozilla Core Services'
disclosed a bug submitted by
b'm4y4nk'
b'Flickr API key leaked in GitHub commit'
26 Oct 2023
b'HackerOne'
disclosed a bug submitted by
b'bebiks'
b'Unreleased Hackerone Copilot is vulnerable to IDOR'
25 Oct 2023
b'Kubernetes'
disclosed a bug submitted by
b'jkroepke'
b'Code inject via nginx.ingress.kubernetes.io/permanent-redirect annotation'
25 Oct 2023
b'Lark Technologies'
disclosed a bug submitted by
b'kongwenbin'
b'Improper Access Control allows OTP bypass'
25 Oct 2023
b'TD Bank'
disclosed a bug submitted by
b'allenshaji'
b'Search input is vulnerable for XSS in qa.td.com and dev.td.com'
25 Oct 2023
b'Cloudflare Public Bug Bounty'
disclosed a bug submitted by
b'suzuka'
b"Accessing apps protected via ZT's Access when user account is deleted/disabled even after clearing user session/seat"
25 Oct 2023
b'HackerOne'
disclosed a bug submitted by
b'ahacker1'
b'New Search Feature: Search for non-public words in limited disclosure reports'
25 Oct 2023
b'EXNESS'
disclosed a bug submitted by
b'null_hypothesis'
b'Blind SSRF on https://my.exnessaffiliates.com/ allows for internal network enumeration'
25 Oct 2023
b'HackerOne'
disclosed a bug submitted by
b'xdemiray'
b'Hacker email disclosed on submission at hackerone hactivity'
24 Oct 2023
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'gu4rdianbyte'
b'Information Disclosure FrontPage Configuration Information'
20 Oct 2023
b'Mozilla Critical Services'
disclosed a bug submitted by
b'limusec'
b'After the upload of an private file, using transformations, the file becomes public without the possibility of changing it.'
20 Oct 2023
b'Mozilla Core Services'
disclosed a bug submitted by
b'avram'
b'HTML Injection at https://stage.firefoxmonitor.nonprod.cloudops.mozgcp.net/user/unsubscribe'
20 Oct 2023
b'Nextcloud'
disclosed a bug submitted by
b'bhmth'
b'Responsive Server-side Request Forgery (SSRF)'
19 Oct 2023
b'LinkedIn'
disclosed a bug submitted by
b'domg'
b'Deny Admin from Editing LinkedIn Company Page using Gen Form Visibility via POST /voyager/api/voyagerOrganizationDashCompanies/{id}'
19 Oct 2023
b'HackerOne'
disclosed a bug submitted by
b'rynexx'
b'Hackers two email disclosed on submission at hackerone hactivity'
18 Oct 2023
b'LinkedIn'
disclosed a bug submitted by
b'domg'
b'HTML injection at Company Name or Product Name and can be shown on Contact Sales form'
18 Oct 2023
1
...
17
18
19
20
21
...
694
BY DENIS WERNER - @NOBBD -
IMPRESSUM