REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
57
b'ooooooo_q'
50
b'haxta4ok00'
49
b'jon_bottarini'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Twitter'
disclosed a bug submitted by
b'a13h1'
b'Bypass Password Authentication to Update the Password'
12 Feb 2021
b'Khan Academy'
disclosed a bug submitted by
b'sh3rl0ck_'
b'Password authentication when changing information bypass. Bypass of report #721341'
11 Feb 2021
b'TikTok'
disclosed a bug submitted by
b'iambouali'
b'Lack of rate limitation on careers site allows the attacker to brute force the verification code'
11 Feb 2021
b'Shopify'
disclosed a bug submitted by
b'francisbeaudoin'
b'Ability to potentially hit internal NGINX locations on *.myshopify.com by making use of the `X-Accel-Redirect` header via a configured App Proxy'
11 Feb 2021
b'Shopify'
disclosed a bug submitted by
b'luc1d'
b'Open Redirect on Login Page of Stocky App'
11 Feb 2021
b'Shopify'
disclosed a bug submitted by
b'coldd'
b'xss on polaris.shopify.com/demo using postMessage'
11 Feb 2021
b'Shopify'
disclosed a bug submitted by
b'shadow-m'
b'The authentication code when activating 2FA can be used again to log in'
11 Feb 2021
b'Mail.ru'
disclosed a bug submitted by
b'rainbow_json'
b'[MY.GAMES] XSS '
11 Feb 2021
b'Sixt GmbH & Co. Autovermietung KG'
disclosed a bug submitted by
b'reliance'
b'Company Employes Sensitive Information exposed in Android App'
11 Feb 2021
b'Automattic'
disclosed a bug submitted by
b'superman85'
b'[sub.wordpress.com] - XSS when adjust block Poll - Confirmation Message - On submission:Redirect to another webpage - Redirect address:[xss_payload]'
11 Feb 2021
b'VK.com'
disclosed a bug submitted by
b'executor'
b'XSS '
11 Feb 2021
b'QIWI'
disclosed a bug submitted by
b'xaleraf4ra'
b'[z.tochka.com] Unlimited file uploads lead to malware executed'
11 Feb 2021
b'VK.com'
disclosed a bug submitted by
b'onlymalelove'
b'Stored XSS .'
11 Feb 2021
b'Ruby on Rails'
disclosed a bug submitted by
b'tktech'
b'HostAuthorization middleware does not suitably sanitize the Host / X-Forwarded-For header allowing redirection.'
11 Feb 2021
b'Ruby on Rails'
disclosed a bug submitted by
b'dee-see'
b"Regular expression denial of service in ActiveRecord's PostgreSQL Money type"
11 Feb 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'someonenobbd'
b'[Java] CWE-295: Disabled certificate validation in JXBrowser'
10 Feb 2021
b'PayPal'
disclosed a bug submitted by
b'cr33pb0y'
b'Reflect XSS and CSP Bypass on https://www.paypal.com/businesswallet/currencyConverter/ '
10 Feb 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'mrsinister15'
b'Bypassed a fix to gain access to PII of more than 100 Officers'
10 Feb 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'dianeme_'
b'Register with non accepted email types on https://'
10 Feb 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'nagli'
b'PII Leak of Personal at https://www.'
10 Feb 2021
1
...
203
204
205
206
207
...
718
BY DENIS WERNER - @NOBBD -
IMPRESSUM
