Top 10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 80
linkks: 75
jobert: 70
someonenobbd: 62
nyymi: 57
ooooooo_q: 50
jon_bottarini: 49
haxta4ok00: 48
Now on Twitter: the unofficial HackerOne disclosure timeline.
25 Mar 2021: GitHub Security Lab disclosed a bug submitted by luchua: [Java] CWE-297: Insecure LDAP endpoint configuration
25 Mar 2021: GitHub Security Lab disclosed a bug submitted by jessforfun: Java: CWE-652 Improper Neutralization of Data within XQuery Expressions ('XQuery Injection')
25 Mar 2021: GitHub Security Lab disclosed a bug submitted by torque59: Java: CWE-346 Queries to detect remote source flow to CORS Headers
25 Mar 2021: GitHub Security Lab disclosed a bug submitted by someonenobbd: Java: Add query for detecting Log Injection vulnerabilities
25 Mar 2021: GitHub Security Lab disclosed a bug submitted by someonenobbd: Java: Add query for detecting Log Injection vulnerabilities
25 Mar 2021: GitHub Security Lab disclosed a bug submitted by someonenobbd: Java: Query for detecting unsafe deserialization with Spring exporters
25 Mar 2021: HackerOne disclosed a bug submitted by nagli: Indexing of urls on the "External link warning" pages discloses many vulnerable endpoints from the past and unlisted videos/photos
25 Mar 2021: Shipt disclosed a bug submitted by 1337n0x: Api Token Leaked in [shoppers.shipt.com]
25 Mar 2021: Mail.ru disclosed a bug submitted by p1006: [int.ucs.ru] UCS Fiddler 217.25.235.214:7459
25 Mar 2021: Mail.ru disclosed a bug submitted by p1006: [int.ucs.ru] UCS Clickhouse
25 Mar 2021: Shopify disclosed a bug submitted by intidc: [h1-2102] FQDN takeover on all Shopify wholesale customer domains by trailing dot (RFC 1034)
25 Mar 2021: Mail.ru disclosed a bug submitted by r0hack: Confluence Skype
25 Mar 2021: Mail.ru disclosed a bug submitted by act1on3: [webvpn.city-srv.ru] Path traversal via CVE-2020-3452
25 Mar 2021: Rocket.Chat disclosed a bug submitted by psych0tr1a: Stored XSS in any message (leads to priv esc for all users and file leak + rce via electron app)
24 Mar 2021: U.S. Dept Of Defense disclosed a bug submitted by pudsec: Reflected XSS at https:////...
24 Mar 2021: U.S. Dept Of Defense disclosed a bug submitted by brbsainath: Unauth RCE on Jenkins Instance at https:///
24 Mar 2021: U.S. Dept Of Defense disclosed a bug submitted by spongebhav: CVE-2021-26855 on resulting in SSRF
24 Mar 2021: U.S. Dept Of Defense disclosed a bug submitted by spongebhav: SSRF due to CVE-2021-26855 on
24 Mar 2021: U.S. Dept Of Defense disclosed a bug submitted by i_am_no__one: Misconfigured AWS S3 bucket leaks sensitive data such as admin, Production, beta, localhost and many more directories....
24 Mar 2021: U.S. Dept Of Defense disclosed a bug submitted by sleepnotf0und: Self XSS + CSRF Leads to Reflected XSS in https:///
BY DENIS WERNER - @NOBBD