REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Nextcloud'
disclosed a bug submitted by
b'divyesh01'
b'Access control missing while viewing the attachments in the "All boards"'
29 Sep 2020
b'Stripo Inc'
disclosed a bug submitted by
b'0x4_aulia'
b'Public and secret api key leaked in JavaScript source'
29 Sep 2020
b'Nextcloud'
disclosed a bug submitted by
b'dream_changer'
b'Recently change email but still login with old email'
29 Sep 2020
b'CS Money'
disclosed a bug submitted by
b'khoabda1'
b'IDOR in https://3d.cs.money/'
28 Sep 2020
b'CS Money'
disclosed a bug submitted by
b'khoabda1'
b'Bypass restrict of member subscription to use custom background in https://3d.cs.money without prime subscription'
28 Sep 2020
b'Nextcloud'
disclosed a bug submitted by
b'warsocks'
b'Missing server side controls when editing the board\xe2\x80\x99s sharing permissions per user'
28 Sep 2020
b'Nextcloud'
disclosed a bug submitted by
b'xam24'
b'No rate limiting on sinup page'
28 Sep 2020
b'Nextcloud'
disclosed a bug submitted by
b'alx_il'
b'Re-Sharing allows increase of privileges'
28 Sep 2020
b'CS Money'
disclosed a bug submitted by
b'khoabda1'
b'Bypass Filter on link of build'
28 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'0xd0ff'
b'[m-server] XSS reflected because path does not escapeHtml'
28 Sep 2020
b'concrete5'
disclosed a bug submitted by
b'javakhishvili'
b'Unauthenticated HTML Injection Stored - ContactUs form'
25 Sep 2020
b'concrete5'
disclosed a bug submitted by
b'javakhishvili'
b'Cross Site Scripting (XSS) Stored - Private messaging'
25 Sep 2020
b'HackerOne'
disclosed a bug submitted by
b'vakzz'
b'Reflected XSS on www.hackerone.com via Wistia embed code'
24 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'mik317'
b'[snekserve] Stored XSS via filenames HTML formatted'
24 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'mik317'
b'[commit-msg] RCE via insecure command formatting'
24 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'mik317'
b'[gity] RCE via insecure command formatting'
24 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'lightangel1412'
b'[http_server] Path Traversal allowing to read any files on the server'
24 Sep 2020
b'Twitter'
disclosed a bug submitted by
b'alesandroortiz'
b'Android WebViews in Twitter app are vulnerable to UXSS due to configuration and CVE-2020-6506'
24 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'lightangel1412'
b'[hnzserver] Path Traversal allowing to read any files on the server'
24 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'mik317'
b'[git-lib] RCE via insecure command formatting'
24 Sep 2020
1
...
216
217
218
219
220
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM