REPORTS
PROGRAMS
PUBLISHERS
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Nextcloud'
disclosed a bug submitted by
b'syachineko'
b'No set limit to try to login in "https://auth.nextcloud.com/auth/realms/master/protocol/openid-connect/auth" page.'
20 Apr 2021
b'Kryptor'
disclosed a bug submitted by
b'jaimaakali'
b'Kryptor/SECURITY.md missing HACKERONE program update.'
19 Apr 2021
b'Mail.ru'
disclosed a bug submitted by
b'3xternull'
b'Stored XSS on store.my.games'
17 Apr 2021
b'Node.js third-party modules'
disclosed a bug submitted by
b'd3lla'
b'[wireguard-wrapper] Command Injection via insecure command concatenation'
16 Apr 2021
b'CS Money'
disclosed a bug submitted by
b'sawmj'
b'Blind Based SQL Injection in 3d.sc.money'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'stregh'
b'web.xml configuration file disclosure'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'n1xk_10'
b'Reflected XSS at https://www.glassdoor.co.in/FAQ/Microsoft-Question-FAQ200086-E1651.htm?countryRedirect=true via PATH'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'n1xk_10'
b'Reflected XSS at https://www.glassdoor.com/Interview/Accenturme-Interview-Questions-E9931.htm via filter.jobTitleFTS parameter'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'n1xk_10'
b'Reflected XSS at https://www.glassdoor.co.in/Interview/BlackRock-Interview-Questions-E9331.htm via filter.jobTitleExact parameter'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'n1xk_10'
b'Reflected XSS at https://www.glassdoor.co.in/Job/pratt-whitney-jobs-SRCH_KE0,13.htm?initiatedFromCountryPicker=true&countryRedirect=true'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'turb0h4x'
b'CSRF in Demographic Settings with valid gdtoken of other account '
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'jackb898'
b'HTML Injection in Glassdoor job sharing emails'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'flex0geek'
b'[XSS] Reflected XSS via POST request in (editJobAlert.htm) file'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'4peace'
b'Dom XSS Rootkit on [https://www.glassdoor.com/]'
16 Apr 2021
b'TikTok'
disclosed a bug submitted by
b'bubbounty'
b'RCE on TikTok Ads Portal'
15 Apr 2021
b'Grammarly'
disclosed a bug submitted by
b'cache-money'
b"Ability to DOS any organization's SSO and open up the door to account takeovers"
15 Apr 2021
b'Ruby'
disclosed a bug submitted by
b'jupenur'
b'Round-trip instability in REXML'
15 Apr 2021
b'Nextcloud'
disclosed a bug submitted by
b'7a69'
b'Nextcloud Desktop Client RCE via malicious URI schemes'
15 Apr 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'someonenobbd'
b'[Java] CWE-1004: Query to check sensitive cookies without the HttpOnly flag set '
14 Apr 2021
b'U.S. General Services Administration'
disclosed a bug submitted by
b'valluvarsploit_h1'
b'PHP info page disclosure'
14 Apr 2021
1
...
235
236
237
238
239
...
769
BY DENIS WERNER - @NOBBD -
IMPRESSUM