Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'56 
b'ooooooo_q'50 
b'jon_bottarini'49 
b'haxta4ok00'48 

the unofficial HackerOne disclosure timeline.

X
b'Booking.com' disclosed a bug submitted by b'tuantv89' 
b'Default Admin Account lead to full access control at https://desk-demo.fareharbor.engineering'
03 Jul 2024 timeline
b'Ruby' disclosed a bug submitted by b'ooooooo_q' 
b'RCE by parsing `.rdoc_options` in RDoc'
03 Jul 2024 timeline
b'inDrive' disclosed a bug submitted by b'bugsv2' 
b'Unlimited fake rate to the passenger in city to city, Affected endpoint `/api/v1/reviews/ride/<ID>/driver`'
02 Jul 2024 timeline
b'inDrive' disclosed a bug submitted by b'zxwo' 
b'Reflected XSS of media.indrive.com'
02 Jul 2024 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'noentry' 
b'CVE-2024-32760 in nginx'
01 Jul 2024 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'noentry' 
b'CVE-2024-31079 in nginx'
01 Jul 2024 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'noentry' 
b'CVE-2024-35200 in nginx'
01 Jul 2024 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'ooooooo_q' 
b'[CVE-2024-32464] ActionText ContentAttachments can Contain Unsanitized HTML'
30 Jun 2024 timeline
b'MercadoLibre' disclosed a bug submitted by b'fr4via' 
b'Account Takeover / Arbitrary File read and deletion / Partial code execution (intent redirection through com.mercadopago.wallet.splash.SplashActivity)'
28 Jun 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'martinvw' 
b'Subdomain takeover .mil'
27 Jun 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'sp1d3rs' 
b'Local File Disclosure on the (https://.edu/) leads to the full source code disclosure and credentials leak'
27 Jun 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'berserker1999' 
b'IDOR leading unauthenticated attacker to download documents discloses PII of users and soldiers via https://www./Download.aspx?id= [HtUS]'
27 Jun 2024 timeline
b'Mars' disclosed a bug submitted by b'b_i_n_i_a_m' 
b'sqli on search functionality'
25 Jun 2024 timeline
b'Mars' disclosed a bug submitted by b'mkhmd17' 
b'Attacker can add two free bags offered by the site at the same time.'
25 Jun 2024 timeline
b'Mars' disclosed a bug submitted by b'b_i_n_i_a_m' 
b'Sqli on search functionality'
25 Jun 2024 timeline
b'Mars' disclosed a bug submitted by b'blax17' 
b'Reflected xss on '
25 Jun 2024 timeline
b'Mars' disclosed a bug submitted by b'dr34m14' 
b'CSRF resulting in adding pet at '
25 Jun 2024 timeline
b'Mars' disclosed a bug submitted by b'haoshokunoo' 
b'Account takeover using reset password link'
25 Jun 2024 timeline
b'Booking.com' disclosed a bug submitted by b'jub0bs' 
b'Subdomain takeover of ci-support.booking.com (pointing to Zendesk)'
25 Jun 2024 timeline
b'Kubernetes' disclosed a bug submitted by b'jub0bs' 
b'monitoring.prow-canary.k8s.io is vulnerable to CVE-2022-21703 (Grafana 0-day)'
25 Jun 2024 timeline
1 ... 17 18 19 20 21 ... 717
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM