REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'BugPoC'
disclosed a bug submitted by
b'bad5ect0r'
b'XSS Challenge #2 Solution'
12 Aug 2020
b'BugPoC'
disclosed a bug submitted by
b'ivarsvids'
b'DOM based Cross-site Scripting'
12 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'xaleraf4ra'
b'[performancemarketing.geekbrains.ru] Tilda Subdomain Takeover'
12 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'nitin1205'
b'Bypass OTP on contact back request at https://driver.city-mobil.ru/'
12 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'steal_wart'
b'Subdomain takeover at msproject.geekbrains.ru'
12 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'dedsec69'
b'Vertical Privilege Escalation on {target.my.com}'
12 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'anyday'
b'[c-api.city-mobil.ru] IDOR chat messages between driver and customer'
12 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'shuraros'
b'tracker.my.com information disclosure via csrf bypass'
12 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'shuraros'
b'information disclosure via IDOR on "https://target.my.com/api/v2/coverage/segment.json?id={id}" endpoint'
12 Aug 2020
b'Visma Public'
disclosed a bug submitted by
b'vapour'
b'A sales only user can edit the purchase invoice drafts.'
12 Aug 2020
b'Visma Public'
disclosed a bug submitted by
b'vapour'
b'Improper access control allows sales only user to view bank balance of company accounts.'
12 Aug 2020
b'GitHub Security Lab'
disclosed a bug submitted by
b'grzegol'
b'LDAP injection vulnerability in Java'
11 Aug 2020
b'GitHub Security Lab'
disclosed a bug submitted by
b'porcupineyhairs'
b'Golang : Improvements to Golang SSRF query'
11 Aug 2020
b'Zomato'
disclosed a bug submitted by
b'cybrot'
b'Lack of Password Confirmation for Account Deletion'
11 Aug 2020
b'Dropcontact'
disclosed a bug submitted by
b'omarelfarsaoui'
b'Unrestricted File Upload on https://app.dropcontact.io/app/upload/'
11 Aug 2020
b'Dropcontact'
disclosed a bug submitted by
b'kapkan'
b'Host Header Injection.'
11 Aug 2020
b'Dropcontact'
disclosed a bug submitted by
b'kapkan'
b'Unauthorized Access and updation of EMAIL settings of other user at https://app.dropcontact.io/app/sponsorship/ by changing the " email " parameter.'
11 Aug 2020
b'Visma Public'
disclosed a bug submitted by
b'vapour'
b'Missing authorization allows sales only user to record payment.'
11 Aug 2020
b'Zomato'
disclosed a bug submitted by
b'zzzhacker13'
b'[api.zomato.com] Abusing LocalParams (city_id) to Inject SOLR query'
11 Aug 2020
b'Zomato'
disclosed a bug submitted by
b'zzzhacker13'
b'[www.zomato.com] Blind SQL Injection in /php/widgets_handler.php'
10 Aug 2020
1
...
232
233
234
235
236
...
693
BY DENIS WERNER - @NOBBD -
IMPRESSUM