REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
bobrov
117
linkks
75
geeknik
75
sp1d3rs
66
jobert
60
jon_bottarini
48
ryat
47
netfuzzer
47
guido
45
bl4de
42
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
Lark Technologies
disclosed a bug submitted by
imran_nisar
Stored xss in larksuite internal helpdesk and other user's helpdesk.
19 Feb 2021
Nextcloud
disclosed a bug submitted by
verg
Stored XSS in markdown file with Nextcloud Talk using Internet Explorer
19 Feb 2021
U.S. Dept Of Defense
disclosed a bug submitted by
nidens
IDOR leads to disclosure of PHI/PII
18 Feb 2021
Mail.ru
disclosed a bug submitted by
0ang3el
Stored XSS in calendar via UID parameter
18 Feb 2021
U.S. Dept Of Defense
disclosed a bug submitted by
un4gi
Password Cracking - Weak Password Used to Secure Containing a Plaintext Password
18 Feb 2021
U.S. Dept Of Defense
disclosed a bug submitted by
un4gi
Access to requests and approvals via / allows sensitive information gathering
18 Feb 2021
U.S. Dept Of Defense
disclosed a bug submitted by
un4gi
PII Leak via /
18 Feb 2021
U.S. Dept Of Defense
disclosed a bug submitted by
un4gi
PII Leak via /
18 Feb 2021
U.S. Dept Of Defense
disclosed a bug submitted by
un4gi
PII Leak via /
18 Feb 2021
U.S. Dept Of Defense
disclosed a bug submitted by
un4gi
Dashboard sharing enables code injection into emails
18 Feb 2021
U.S. Dept Of Defense
disclosed a bug submitted by
un4gi
Arbitrary file upload and stored XSS via support request
18 Feb 2021
U.S. Dept Of Defense
disclosed a bug submitted by
un4gi
Support incident can be opened for any user via / and PII leak via field
18 Feb 2021
U.S. Dept Of Defense
disclosed a bug submitted by
un4gi
Knowledge Base Articles are Globally Modifiable via
18 Feb 2021
U.S. Dept Of Defense
disclosed a bug submitted by
un4gi
Second Order XSS via
18 Feb 2021
U.S. Dept Of Defense
disclosed a bug submitted by
un4gi
Improper Access Controls Allow PII Leak via
18 Feb 2021
U.S. Dept Of Defense
disclosed a bug submitted by
mad_phoenix
CVE 2020 14179 on jira instance
18 Feb 2021
Rockstar Games
disclosed a bug submitted by
bugstar
Open redirect on https://signin.rockstargames.com/connect/authorize/rsg
18 Feb 2021
Algolia
disclosed a bug submitted by
exploit_db
email verification bypass
18 Feb 2021
Mail.ru
disclosed a bug submitted by
ar-arvind
Google API Key is not restricted for specific application package name and signature [Mail.ru Cloud for Android]
18 Feb 2021
Clario
disclosed a bug submitted by
akash-labade
No rate Limit on Licenses Activation
18 Feb 2021
1
2
3
4
5
...
519
BY DENIS WERNER - @NOBBD -
IMPRESSUM