REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'hzllaga'
b'Remote Code Execution on ?????????'
03 Sep 2020
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'secret_letters'
b'??? is vulnerable to CVE-2020-3452 Read-Only Path Traversal Vulnerability'
03 Sep 2020
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'professor1'
b'CVE-2020-3452, unauthenticated file read in Cisco ASA & Cisco Firepower.'
03 Sep 2020
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'rudra_2000'
b'Elmah.axd is publicly accessible and leaking Error Log for ROOT on ?????_PRD_WEB1 ?????????elmah.axd'
03 Sep 2020
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'nagli'
b'Reflected XSS on ???????'
03 Sep 2020
b'Mail.ru'
disclosed a bug submitted by
b'yukusawa18'
b'REFLECTED XSS On http://jsgames.mail.ru/bad_browser.php via back_url paramter'
03 Sep 2020
b'Mail.ru'
disclosed a bug submitted by
b'r0hack'
b'SQL injection at fleet.city-mobil.ru'
03 Sep 2020
b'Equifax'
disclosed a bug submitted by
b'aksquare'
b'Open SonarQube instance leaking internal source code'
03 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'lightangel1412'
b'[static-server-gx] Path Traversal allowing to read any files on the server'
03 Sep 2020
b'Yelp'
disclosed a bug submitted by
b'cocoh__23'
b'IDOR in locid parameter allowing to view others accounts Profile Locations '
02 Sep 2020
b'Twitter'
disclosed a bug submitted by
b'cyanpiny'
b'Denial of Service | twitter.com & mobile.twitter.com'
02 Sep 2020
b'Mail.ru'
disclosed a bug submitted by
b'steal_wart'
b'Subdomain Takeover at analyticstest.geekbrains.ru'
02 Sep 2020
b'Mail.ru'
disclosed a bug submitted by
b'iframe'
b'[api.33slona.ru] ?????? ? API ?? ?? ???????????? ???????????? ??????? 302 ???????.'
02 Sep 2020
b'Mail.ru'
disclosed a bug submitted by
b'iframe'
b'looch.tv CORS crossite user information and stream_key access'
02 Sep 2020
b'Mail.ru'
disclosed a bug submitted by
b'avolume'
b'Public access to Sidekiq dashboard at shopper.sbermarket.ru'
02 Sep 2020
b'Shopify'
disclosed a bug submitted by
b'francisbeaudoin'
b"Takeover an account that doesn't have a Shopify ID and more"
02 Sep 2020
b'Imgur'
disclosed a bug submitted by
b'zerox4'
b'Stored XSS in Post title (PoC)'
02 Sep 2020
b'Ruby on Rails'
disclosed a bug submitted by
b'ooooooo_q'
b'XSS by file (Active Storage `Proxying`)'
01 Sep 2020
b'Starbucks'
disclosed a bug submitted by
b'x3n0nn3p'
b'CRLF injection on www.starbucks.com'
01 Sep 2020
b'Yelp'
disclosed a bug submitted by
b'alaayousef'
b'Clickjacking lead to remove review'
01 Sep 2020
1
...
223
224
225
226
227
...
693
BY DENIS WERNER - @NOBBD -
IMPRESSUM