REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
57
b'ooooooo_q'
50
b'jon_bottarini'
49
b'haxta4ok00'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'gentlemenhacker'
b" portal is open to enumeration once authenticated. Session ID's appear static. All PII available once a valid session ID is found."
20 Apr 2021
b'GitLab'
disclosed a bug submitted by
b'vakzz'
b'RCE via unsafe inline Kramdown options when rendering certain Wiki pages'
20 Apr 2021
b'Nintendo'
disclosed a bug submitted by
b'mrnbayoh'
b'[3DS][StreetPass] Buffer Overflow in Super Mario Maker level decompression'
20 Apr 2021
b'New Relic'
disclosed a bug submitted by
b'jon_bottarini'
b'Stored XSS via malicious key value of Synthetics monitor tag when visiting an Insights dashboard with filtering enabled'
20 Apr 2021
b'Nextcloud'
disclosed a bug submitted by
b'stregh'
b'bypassing dashboard without account + Information disclosure trough websockets '
20 Apr 2021
b'Nextcloud'
disclosed a bug submitted by
b'syachineko'
b'No set limit to try to login in "https://auth.nextcloud.com/auth/realms/master/protocol/openid-connect/auth" page.'
20 Apr 2021
b'Kryptor'
disclosed a bug submitted by
b'jaimaakali'
b'Kryptor/SECURITY.md missing HACKERONE program update.'
19 Apr 2021
b'Mail.ru'
disclosed a bug submitted by
b'3xternull'
b'Stored XSS on store.my.games'
17 Apr 2021
b'Node.js third-party modules'
disclosed a bug submitted by
b'd3lla'
b'[wireguard-wrapper] Command Injection via insecure command concatenation'
16 Apr 2021
b'CS Money'
disclosed a bug submitted by
b'sawmj'
b'Blind Based SQL Injection in 3d.sc.money'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'stregh'
b'web.xml configuration file disclosure'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'n1xk_10'
b'Reflected XSS at https://www.glassdoor.co.in/FAQ/Microsoft-Question-FAQ200086-E1651.htm?countryRedirect=true via PATH'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'n1xk_10'
b'Reflected XSS at https://www.glassdoor.com/Interview/Accenturme-Interview-Questions-E9931.htm via filter.jobTitleFTS parameter'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'n1xk_10'
b'Reflected XSS at https://www.glassdoor.co.in/Interview/BlackRock-Interview-Questions-E9331.htm via filter.jobTitleExact parameter'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'n1xk_10'
b'Reflected XSS at https://www.glassdoor.co.in/Job/pratt-whitney-jobs-SRCH_KE0,13.htm?initiatedFromCountryPicker=true&countryRedirect=true'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'turb0h4x'
b'CSRF in Demographic Settings with valid gdtoken of other account '
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'jackb898'
b'HTML Injection in Glassdoor job sharing emails'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'flex0geek'
b'[XSS] Reflected XSS via POST request in (editJobAlert.htm) file'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'4peace'
b'Dom XSS Rootkit on [https://www.glassdoor.com/]'
16 Apr 2021
b'TikTok'
disclosed a bug submitted by
b'bubbounty'
b'RCE on TikTok Ads Portal'
15 Apr 2021
1
...
184
185
186
187
188
...
718
BY DENIS WERNER - @NOBBD -
IMPRESSUM
