REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
84
b'linkks'
75
b'jobert'
70
b'nyymi'
64
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Glassdoor'
disclosed a bug submitted by
b'prateek_0490'
b"Access to Glassdoor's Infra (AWS) and BitBucket account through leaked repo"
12 Feb 2021
b'8x8'
disclosed a bug submitted by
b'melbadry9'
b'DNS Miconfiguration (Subdomain Takeover) .8x8.com'
12 Feb 2021
b'Maker Ecosystem Growth Holdings, Inc'
disclosed a bug submitted by
b'harsithsivanandham'
b'xmlrpc.php FILE IS enabled it will used for Bruteforce attack and Denial of Service(DoS)'
12 Feb 2021
b'Informatica'
disclosed a bug submitted by
b'lu3ky-13'
b'Html injection on .informatica.com via search.html?q=1'
12 Feb 2021
b'Shopify'
disclosed a bug submitted by
b'corraldev'
b'Screenshot Service leaks X-ABS-App-Token'
12 Feb 2021
b'Mail.ru'
disclosed a bug submitted by
b'bobrov'
b'[supportlocal.delivery-club.ru] Subdomain Takeover'
12 Feb 2021
b'Mail.ru'
disclosed a bug submitted by
b'jayesh25'
b'Clickjacking Vulnerability via https://www.donationalerts.com/help/support leads to bypass for widget.support.my.games X-Frame Options'
12 Feb 2021
b'Twitter'
disclosed a bug submitted by
b'a13h1'
b'Bypass Password Authentication to Update the Password'
12 Feb 2021
b'Khan Academy'
disclosed a bug submitted by
b'sh3rl0ck_'
b'Password authentication when changing information bypass. Bypass of report #721341'
11 Feb 2021
b'TikTok'
disclosed a bug submitted by
b'iambouali'
b'Lack of rate limitation on careers site allows the attacker to brute force the verification code'
11 Feb 2021
b'Shopify'
disclosed a bug submitted by
b'francisbeaudoin'
b'Ability to potentially hit internal NGINX locations on *.myshopify.com by making use of the `X-Accel-Redirect` header via a configured App Proxy'
11 Feb 2021
b'Shopify'
disclosed a bug submitted by
b'luc1d'
b'Open Redirect on Login Page of Stocky App'
11 Feb 2021
b'Shopify'
disclosed a bug submitted by
b'coldd'
b'xss on polaris.shopify.com/demo using postMessage'
11 Feb 2021
b'Shopify'
disclosed a bug submitted by
b'shadow-m'
b'The authentication code when activating 2FA can be used again to log in'
11 Feb 2021
b'Mail.ru'
disclosed a bug submitted by
b'rainbow_json'
b'[MY.GAMES] XSS '
11 Feb 2021
b'Sixt GmbH & Co. Autovermietung KG'
disclosed a bug submitted by
b'reliance'
b'Company Employes Sensitive Information exposed in Android App'
11 Feb 2021
b'Automattic'
disclosed a bug submitted by
b'superman85'
b'[sub.wordpress.com] - XSS when adjust block Poll - Confirmation Message - On submission:Redirect to another webpage - Redirect address:[xss_payload]'
11 Feb 2021
b'VK.com'
disclosed a bug submitted by
b'executor'
b'XSS '
11 Feb 2021
b'QIWI'
disclosed a bug submitted by
b'xaleraf4ra'
b'[z.tochka.com] Unlimited file uploads lead to malware executed'
11 Feb 2021
b'VK.com'
disclosed a bug submitted by
b'onlymalelove'
b'Stored XSS .'
11 Feb 2021
1
...
226
227
228
229
230
...
741
BY DENIS WERNER - @NOBBD -
IMPRESSUM
