REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'GitHub Security Lab'
disclosed a bug submitted by
b'porcupineyhairs'
b'Golang : Add MongoDb NoSQL injection sinks'
22 Jan 2021
b'curl'
disclosed a bug submitted by
b'kugghjul'
b'Poll loop/hang on incomplete HTTP header'
22 Jan 2021
b'Mail.ru'
disclosed a bug submitted by
b'explosive'
b' , .'
22 Jan 2021
b'Mail.ru'
disclosed a bug submitted by
b'jayesh25'
b'Improper Restriction of Excessive Authentication Attempts at http://terrafoot.ru/login.php (Rate Limit bypass via IP Rotation)'
22 Jan 2021
b'Mail.ru'
disclosed a bug submitted by
b'jayesh25'
b'Account Takeover via Forgot Password Page at https://3k.mail.ru/send_password.php?'
22 Jan 2021
b'Enjin'
disclosed a bug submitted by
b'michael7854'
b"Reset password policy isn't consistent with registration / change password policy."
22 Jan 2021
b'Rockstar Games'
disclosed a bug submitted by
b'bugstar'
b'phpinfo() on graph.rockstargames.com exposes sensitive information'
21 Jan 2021
b'New Relic'
disclosed a bug submitted by
b'batuhan'
b"Adding your account to victim's app via deeplink"
21 Jan 2021
b'Nextcloud'
disclosed a bug submitted by
b'demonia'
b'Potential DDoS when posting long data into workflow validation rules'
21 Jan 2021
b'Logitech'
disclosed a bug submitted by
b'sudi'
b'Manipulating response leads to free access to Streamlabs Prime '
21 Jan 2021
b'Logitech'
disclosed a bug submitted by
b'hein_thant'
b'Sensitive information disclosure to shared access user via streamlabs platform api'
20 Jan 2021
b'Logitech'
disclosed a bug submitted by
b'hein_thant'
b'Moderator shared access allows access to support.streamlabs.com'
20 Jan 2021
b'Mail.ru'
disclosed a bug submitted by
b'tr3harder'
b'Access admin interface via bad credentials'
20 Jan 2021
b'TikTok'
disclosed a bug submitted by
b'emanuelharijanto'
b'Information Disclosure of Advertiser Account on TikTok Ads Portal'
20 Jan 2021
b'Enjin'
disclosed a bug submitted by
b'michael7854'
b'POST /api/platform/images allows for Arbitrary file upload + Full stored XSS'
20 Jan 2021
b'Mail.ru'
disclosed a bug submitted by
b'act1on3'
b'[api-site.city-mobil.ru] Improper access control leads to information disclosure (bypass of #977597 fix)'
20 Jan 2021
b'Kartpay'
disclosed a bug submitted by
b'bugera'
b'Misconfiguration of Merchant id in jwt header + Weird Debug mode enabling behavior leads to exposed OTP of mobile number.'
20 Jan 2021
b'Nextcloud'
disclosed a bug submitted by
b'prolib'
b'[nextcloud.com] Control character allowed in Submit Question'
20 Jan 2021
b'Informatica'
disclosed a bug submitted by
b'lu3ky-13'
b'loing in to marketplace panel on enablement.informatica.com'
20 Jan 2021
b'Revive Adserver'
disclosed a bug submitted by
b'mbeccati'
b'Open redirect in ck.php and lg.php'
20 Jan 2021
1
...
182
183
184
185
186
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM