REPORTS
PROGRAMS
PUBLISHERS
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'QIWI'
disclosed a bug submitted by
b'ganofins'
b'gifts.flocktory.com/phpmyadmin is vulnerable csrf'
14 Apr 2021
b'QIWI'
disclosed a bug submitted by
b'honoki'
b'Remote Code Execution on contactws.contact-sys.com via SQL injection in TPrabhuObject.BeginOrder in parameter DOC_ID'
14 Apr 2021
b'QIWI'
disclosed a bug submitted by
b'honoki'
b'Remote Code Execution on contactws.contact-sys.com via SQL injection in TAktifBankObject.GetOrder in parameter DOC_ID'
14 Apr 2021
b'Acronis'
disclosed a bug submitted by
b'ali'
b'Flash Based Reflected XSS on www.grouplogic.com/jwplayer/player.swf'
13 Apr 2021
b'Acronis'
disclosed a bug submitted by
b'ali'
b'Reflected XSS on www.grouplogic.com/video.asp'
13 Apr 2021
b'Acronis'
disclosed a bug submitted by
b'ali'
b'Reflected XSS on http://www.grouplogic.com/files/glidownload/verify.asp'
13 Apr 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'someonenobbd'
b'porcupiney.hairs : Java/Android - Insecure Loading of a Dex File '
12 Apr 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'someonenobbd'
b'[codeql-go]: Add CWE-79: HTML template escaping passthrough'
12 Apr 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'ihsinme'
b'ihsinme: CPP Add query for CWE-570 detect and handle memory allocation errors.'
12 Apr 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'someonenobbd'
b'[Java] CWE-759: Query to detect password hash without a salt'
12 Apr 2021
b'Stripo Inc'
disclosed a bug submitted by
b'0x6964696f74'
b'Stored XSS at Module Name'
12 Apr 2021
b'Mail.ru'
disclosed a bug submitted by
b'kiriknik'
b'Blind SSRF on [relap.io]'
12 Apr 2021
b'Zivver'
disclosed a bug submitted by
b'irfan07'
b'Cross-site Scripting (XSS) - Reflected'
12 Apr 2021
b'DuckDuckGo'
disclosed a bug submitted by
b'pmoc'
b'Reflected/Stored XSS on duckduckgo.com'
10 Apr 2021
b'Mail.ru'
disclosed a bug submitted by
b'dennisleo6'
b'read new emails from any inbox IOS APP in notification center'
10 Apr 2021
b'Mail.ru'
disclosed a bug submitted by
b'chutchut'
b'Local SQL Injection in Content Provider (ru.mail.data.contact.ContactsProvider) of Mail.ru for Android, version 12.2.0.29734'
10 Apr 2021
b'U.S. General Services Administration'
disclosed a bug submitted by
b'amannnnnnnnnnnnnnn'
b'CRLF INJECTION '
10 Apr 2021
b'Uber'
disclosed a bug submitted by
b'm4ll0x0k'
b'Exposedin apk file - devbuilds.uber.com'
09 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'bendtheory'
b'XSS at https://www.glassdoor.com/Salary/* via filter.jobTitleExact'
09 Apr 2021
b'VK.com'
disclosed a bug submitted by
b'manaenckov'
b'Open Redirect VKMA'
09 Apr 2021
1
...
236
237
238
239
240
...
769
BY DENIS WERNER - @NOBBD -
IMPRESSUM