REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'GitLab'
disclosed a bug submitted by
b'rhynorater'
b"Full Read SSRF on Gitlab's Internal Grafana"
07 Aug 2020
b'Dropcontact'
disclosed a bug submitted by
b'kapkan'
b'User can Subscribe a plan that is hidden by manipulating the value of "subscription" parameter at [ https://app.dropcontact.io/app/checkout/]'
07 Aug 2020
b'Unikrn'
disclosed a bug submitted by
b'l_user'
b'Lack of Input sanitization leads to database Character encoding configuration Disclosure'
07 Aug 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'vrechson'
b'[wappalyzer] ReDoS allows an attacker to completely break Wappalyzer'
06 Aug 2020
b'Nextcloud'
disclosed a bug submitted by
b'cwave'
b'Memory Leak in OCUtil.dll library in Desktop client can lead to DoS'
06 Aug 2020
b'LINE'
disclosed a bug submitted by
b'kazan71p'
b'Spring Actuator endpoints publicly available and broken authentication'
06 Aug 2020
b'8x8'
disclosed a bug submitted by
b'wisp'
b'Send Phishing/Spam email from support@sameroom.io to any email address.'
05 Aug 2020
b'Rockset'
disclosed a bug submitted by
b'thatquasar'
b'S3 bucket data at http://rockset-support.s3-us-west-2.amazonaws.com/ reveals user addresses based on latitudes and longitudes.'
05 Aug 2020
b'Nextcloud'
disclosed a bug submitted by
b'l00ph0le'
b'Arbitrary code execution in desktop client via OpenSSL config'
05 Aug 2020
b'Nextcloud'
disclosed a bug submitted by
b'yzy9951'
b'XSS in image metadata field'
05 Aug 2020
b'concrete5'
disclosed a bug submitted by
b'thiennv'
b'Time-base SQL Injection in Search Users'
05 Aug 2020
b'GitLab'
disclosed a bug submitted by
b'yvvdwf'
b'Stored XSS in blob viewer'
04 Aug 2020
b'LINE'
disclosed a bug submitted by
b'kazan71p'
b'Spring Actuator endpoints publicly available, leading to account takeover'
04 Aug 2020
b'Twitter'
disclosed a bug submitted by
b'ryotak'
b'Private list members disclosure via GraphQL'
04 Aug 2020
b'GitLab'
disclosed a bug submitted by
b'semsem123'
b'Unrestricted file upload leads to Stored XSS'
03 Aug 2020
b'LINE'
disclosed a bug submitted by
b'j0eii'
b'Insufficient access control on all BCRM instances leading to the ability to create admin accounts using the API'
03 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'kursadalsan'
b'Open Redirect at "city-mobil.ru"'
03 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'aslanemre'
b'xss while uploading a file'
03 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'pisarenko'
b'xss on [storehouse5.ucs.ru]'
03 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'mehulpanchal007'
b'Reflected XSS in "keywords" parameter at "https://sbermarket.ru/metro/search"'
03 Aug 2020
1
...
235
236
237
238
239
...
694
BY DENIS WERNER - @NOBBD -
IMPRESSUM