REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
56
b'ooooooo_q'
50
b'jon_bottarini'
49
b'haxta4ok00'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Internet Bug Bounty'
disclosed a bug submitted by
b'tniessen'
b'Path traversal by monkey-patching Buffer internals'
29 May 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'tniessen'
b'Improper handling of wildcards in --allow-fs-read and --allow-fs-write'
29 May 2024
b'ExpressionEngine'
disclosed a bug submitted by
b'd3addog'
b'Non-authenticated path traversal leading to arbitrary file read '
28 May 2024
b'ExpressionEngine'
disclosed a bug submitted by
b'd0bby'
b'Import/Convert user file exposure leading to logins/passwords/PII leak. '
28 May 2024
b'ExpressionEngine'
disclosed a bug submitted by
b'd0bby'
b'Arbitrary comment content change with GET CSRF. '
28 May 2024
b'ExpressionEngine'
disclosed a bug submitted by
b'd0bby'
b'Arbitrary forum topic close with GET CSRF.'
28 May 2024
b'ExpressionEngine'
disclosed a bug submitted by
b'd0bby'
b'Comment/channel unsubscribe GET CSRF'
28 May 2024
b'ExpressionEngine'
disclosed a bug submitted by
b'd0bby'
b'Stored XSS filter bypass on discussion forum. "URL" tag. '
28 May 2024
b'ExpressionEngine'
disclosed a bug submitted by
b'd0bby'
b'Stored XSS filter bypass on discussion forum. '
28 May 2024
b'ExpressionEngine'
disclosed a bug submitted by
b'sum-catnip'
b'Authenticated RCE via page title'
28 May 2024
b'ExpressionEngine'
disclosed a bug submitted by
b'egix'
b'PHP Code Injection through "Translate::save()" method'
28 May 2024
b'ExpressionEngine'
disclosed a bug submitted by
b'mariuszpoplawski'
b'Low privileges (auth) Remote Command Execution - PHP file upload bypass.'
28 May 2024
b'HackerOne'
disclosed a bug submitted by
b'hacktus'
b'LLM03: Training Data Poisoning via ASCII decoding '
28 May 2024
b'GitLab'
disclosed a bug submitted by
b'yvvdwf'
b'Stored-XSS injected in Wiki page via Banzai pipeline'
28 May 2024
b'TikTok'
disclosed a bug submitted by
b'fr4via'
b'Lynxview JS interfaces Takeover via deeplink traversal'
24 May 2024
b'Teleport'
disclosed a bug submitted by
b'el1g0ld8m1th'
b'SSRF in region parameter that leads to AWS Teleport role AWS account takeover'
24 May 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'svalkanov'
b'[CVE-2024-26146] Header Parsing leads to Possible Denial of Service Vulnerability'
24 May 2024
b'HackerOne'
disclosed a bug submitted by
b'iambouali'
b'Inadequate redaction exposes sensitive information via the ShareReportViaEmail" GraphQL endpoint'
24 May 2024
b'HackerOne'
disclosed a bug submitted by
b'bate5a'
b'Insecure Direct Object Reference (IDOR) Allows Viewing Private Report Details via /bugs.json Endpoint'
23 May 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'svalkanov'
b'[CVE-2024-26142] ReDoS vulnerability in Accept header parsing in Action Dispatch '
22 May 2024
1
...
20
21
22
23
24
...
717
BY DENIS WERNER - @NOBBD -
IMPRESSUM