REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Shopify'
disclosed a bug submitted by
b'rioncool22'
b'Blind Stored XSS Via Staff Name'
18 Aug 2020
b'WordPress'
disclosed a bug submitted by
b'simonscannell'
b'Stored XSS in Post Preview as Contributor'
18 Aug 2020
b'WordPress'
disclosed a bug submitted by
b'simonscannell'
b'pre-auth Stored XSS in comments via javascript: url when administrator edits user supplied comment'
18 Aug 2020
b'Mendix'
disclosed a bug submitted by
b'enixium'
b'Reflected XSS in "*.mendix.com/openid/*"'
18 Aug 2020
b'Dropcontact'
disclosed a bug submitted by
b'try___for_impossible'
b'IDOR at [https://dropcontact.firstpromote] which allows an UNAUTHORIZED user to ACCESS and EDIT Paypal GMAIL by Changing the ID.'
18 Aug 2020
b'Gener8'
disclosed a bug submitted by
b'5hu8h4m_n4g4'
b'Session not invalidated after password reset'
18 Aug 2020
b'Solana BBP'
disclosed a bug submitted by
b'anjpan'
b'Sensitive data leaks [username, password, keys]'
18 Aug 2020
b'Solana BBP'
disclosed a bug submitted by
b'mersalinio'
b"i don't the important and it's impact . the affected asset: https://github.com/solana-labs/solana/blob/master/.buildkite/env/secrets.ejson"
18 Aug 2020
b'Solana BBP'
disclosed a bug submitted by
b'mersalinio'
b" i don't the important and it's impact . the affected asset : https://github.com/solana-labs/solana/blob/master/.buildkite/env/secrets.ejson"
18 Aug 2020
b'GitLab'
disclosed a bug submitted by
b'plazmaz'
b'SSRF In plantuml (on plantuml.pre.gitlab.com)'
17 Aug 2020
b'Nextcloud'
disclosed a bug submitted by
b'icewater'
b'Linux client is vulnerable to directory traversal when downloading files'
17 Aug 2020
b'Nextcloud'
disclosed a bug submitted by
b'inhibitor181'
b'RTLO character allowed in shared files'
17 Aug 2020
b'Omise'
disclosed a bug submitted by
b'justlife_4x4'
b'Authenticity token doesnt expire after single use leading to CSRF'
17 Aug 2020
b'Nextcloud'
disclosed a bug submitted by
b'jplopezy'
b'XSS in desktop client via invalid server address on login form'
17 Aug 2020
b'OWOX, Inc.'
disclosed a bug submitted by
b'ant_pyne'
b'Unrestricted File Upload in Chat Window'
16 Aug 2020
b'BugPoC'
disclosed a bug submitted by
b'd1r3wolf'
b'Solution for XSS challenge calc.buggywebsite.com'
15 Aug 2020
b'Topcoder'
disclosed a bug submitted by
b'tushr'
b'SVG file upload leads to XML injection'
14 Aug 2020
b'Bitwala'
disclosed a bug submitted by
b'lamscun'
b'HTML injection in email content'
14 Aug 2020
b'Yoti'
disclosed a bug submitted by
b'lamscun'
b'[www.yoti.com] Wordpress user admin information discloure'
14 Aug 2020
b'Automattic'
disclosed a bug submitted by
b'hannanhaseeb'
b'Denial-of- service By Cache Poisoning The Cross-Origin Resource Sharing Misconfiguration Allow Origin Header'
14 Aug 2020
1
...
228
229
230
231
232
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM