REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
bobrov
117
geeknik
78
linkks
75
sp1d3rs
68
jobert
64
someonenobbd
58
jon_bottarini
49
haxta4ok00
48
netfuzzer
48
ryat
47
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
Recorded Future
disclosed a bug submitted by
fornex
Dom Xss vulnerability
19 Jan 2022
Mail.ru
disclosed a bug submitted by
ian
Exposed Golang debugger on tier3.riot.mail.ru:9090, 9080
19 Jan 2022
Urban Dictionary
disclosed a bug submitted by
bemodtwz
DOM XSS through ads
18 Jan 2022
Automattic
disclosed a bug submitted by
rockybandana
SSRF & Blind XSS in Gravatar email
17 Jan 2022
Palo Alto Software
disclosed a bug submitted by
paramdham
Clickjacking
17 Jan 2022
Slack
disclosed a bug submitted by
jub0bs
Lack of URL normalization renders Blocked-Previews feature ineffectual
16 Jan 2022
Lark Technologies
disclosed a bug submitted by
imran_nisar
In orginization stored xss using location (Larksuite survey app)
14 Jan 2022
Lark Technologies
disclosed a bug submitted by
imran_nisar
Stored xss on helpdesk using user's city
14 Jan 2022
IBM
disclosed a bug submitted by
xyantix
SQL Injection and plaintext passwords via User Search
14 Jan 2022
Django
disclosed a bug submitted by
scaramouche31
Deserialization of potentially malicious data to RCE
14 Jan 2022
Ruby
disclosed a bug submitted by
sohaib619
Bug Report : [ No Valid SPF Records ]
13 Jan 2022
Adobe
disclosed a bug submitted by
ismailmuh
AEM forms XXE Vulnerability
13 Jan 2022
Adobe
disclosed a bug submitted by
letm3through
Disclosure of github access token in config file via nignx off-by-slash
13 Jan 2022
Lark Technologies
disclosed a bug submitted by
imran_nisar
Reflected xss and open redirect on larksuite.com using /?back_uri= parameter.
13 Jan 2022
Lark Technologies
disclosed a bug submitted by
imran_nisar
[IDOR] Modify other team's reminders via reminderId parameter
13 Jan 2022
Zenly
disclosed a bug submitted by
yetanotherhacker
Friend Request Flow Exposes User Data
12 Jan 2022
Zenly
disclosed a bug submitted by
yetanotherhacker
Account Takeover via SMS Authentication Flow
12 Jan 2022
Nord Security
disclosed a bug submitted by
paramdham
CSRF to change password
12 Jan 2022
Gener8
disclosed a bug submitted by
paramdham
Clickjacking to change email address
12 Jan 2022
Node.js
disclosed a bug submitted by
rugvip
Prototype pollution via console.table properties
11 Jan 2022
1
2
3
4
5
...
590
BY DENIS WERNER - @NOBBD -
IMPRESSUM
