Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'57 
b'ooooooo_q'50 
b'haxta4ok00'49 
b'jon_bottarini'49 

the unofficial HackerOne disclosure timeline.

X
b'Vercel' disclosed a bug submitted by b'morax' 
b'User personal data disclosure via API'
07 Oct 2020 timeline
b'BugPoC' disclosed a bug submitted by b'absshax' 
b'LFI to steal /etc/passwd - Bypass filter in the <meta property="og:image"> tag via redirect and much more'
07 Oct 2020 timeline
b'Starbucks' disclosed a bug submitted by b'k3mlol' 
b'Thailand - SNMP Publicly Accessible'
07 Oct 2020 timeline
b'GitLab' disclosed a bug submitted by b'rpadovani' 
b'Elasticsearch leaks data through the notes scope'
06 Oct 2020 timeline
b'GitLab' disclosed a bug submitted by b'rpadovani' 
b"Transferring a public group to a private group doesn't remove code from the Elastichsearch API search result"
06 Oct 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'jayesh25' 
b'Forgot Password Page SMS Brute Force could lead to Account Takeover using Android/IOS app "About the house" via api.prodom.smart.space'
06 Oct 2020 timeline
b'NordVPN' disclosed a bug submitted by b'th3pr0xyb0y' 
b'Password Reset Link Leaked In Refer Header In Request To Third Party Sites '
06 Oct 2020 timeline
b'Acronis' disclosed a bug submitted by b'full109tun' 
b'Missing rate limit for current password field (Password Change) Account Takeover'
06 Oct 2020 timeline
b'ZIVVER' disclosed a bug submitted by b'swaysthinking' 
b'XXE Injection through SVG image upload leads to SSRF'
06 Oct 2020 timeline
b'CS Money' disclosed a bug submitted by b'michael7854' 
b'Server-side denial of service via large payload sent to wiki.cs.money/graphql'
05 Oct 2020 timeline
b'Central Security Project' disclosed a bug submitted by b'keval_j' 
b'Repositories of datanucleus are fetched over insecure protocol (http insted of https)'
05 Oct 2020 timeline
b'Moneybird' disclosed a bug submitted by b'tofla' 
b'Stored XSS on add project'
05 Oct 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'act1on3' 
b'[https://youdrive.today/] Nginx directory traversal'
05 Oct 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'damian89' 
b'Access to git & and configuration files on backtoschool.geekbrains.ru via gitfile'
05 Oct 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'jayesh25' 
b'Improper Restriction of Excessive Authentication Attempts at https://api.warrobots.com/auth (Pixonic Games)'
05 Oct 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'jayesh25' 
b'Improper Restriction of Excessive Authentication Attempts at o2-ac.my.com/token'
05 Oct 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'aboutmen' 
b'Bypass hide download Nextcloud Share'
05 Oct 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'jayesh25' 
b'Clickjacking Vulnerability via https://webagent.mail.ru leading to protection bypass for https://web.icq.com/ end point'
05 Oct 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'kwel' 
b'? ??????? ??????? ??????????? ????????? ????? ?????? ? ?????? ?????? ?? ID [smart.space]'
05 Oct 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'kwel' 
b'??????????? ????????? ??????????? ? ????? ?????????? [corporate.city-mobil.ru]'
05 Oct 2020 timeline
1 ... 240 241 242 243 244 ... 719
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM