REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
57
b'ooooooo_q'
50
b'haxta4ok00'
49
b'jon_bottarini'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Shopify'
disclosed a bug submitted by
b'ryat'
b'A staff without export customers permissions can still export customers CSV file'
15 Sep 2020
b'Shopify'
disclosed a bug submitted by
b'risinghunter'
b'staff can able to extend shopify trial period without admin permission'
15 Sep 2020
b'GitLab'
disclosed a bug submitted by
b'sevilboylum'
b'Adding everyone to the repo due to the lack of rate limit'
14 Sep 2020
b'h1-ctf'
disclosed a bug submitted by
b'louzogh'
b'[h1-2006 2020] Bounty payments are done !'
14 Sep 2020
b'Shopify'
disclosed a bug submitted by
b'francisbeaudoin'
b'XSS within Shopify Email App - Admin'
14 Sep 2020
b'Shopify'
disclosed a bug submitted by
b'kunal94'
b'Staff member with no permission can delete POS staff from account settings'
14 Sep 2020
b'Shopify'
disclosed a bug submitted by
b'francisbeaudoin'
b"Partner's non-verified business email change reflected into Shopify Collaborator Request"
14 Sep 2020
b'Shopify'
disclosed a bug submitted by
b'whoami991'
b'XSS / SELF XSS'
14 Sep 2020
b'Shopify'
disclosed a bug submitted by
b'jaka_tingkir'
b'Admin web sessions remain active after logout of Shopify ID'
14 Sep 2020
b'Shopify'
disclosed a bug submitted by
b'francisbeaudoin'
b'Password protection can be removed for newly created development store '
14 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'd3lla'
b'[flsaba] Stored XSS in the file and directory name when directories listing'
14 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'd3lla'
b'[objtools] Prototype pollution'
14 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'd3lla'
b'[keyd] Prototype pollution'
14 Sep 2020
b'Shopify'
disclosed a bug submitted by
b'dakitu'
b'Cache poisoning via X-Forwarded-Host in www.shopify.com/partners/blog'
11 Sep 2020
b'CS Money'
disclosed a bug submitted by
b'mr_vrush'
b'Internal Path Disclosure'
11 Sep 2020
b'Bitwarden'
disclosed a bug submitted by
b'shielder'
b'Blind HTTP GET SSRF via website icon fetch (bypass of pull#812)'
11 Sep 2020
b'Twitter'
disclosed a bug submitted by
b'protostar0'
b'http request smuggling in pscp.tv and periscope.tv'
10 Sep 2020
b'Central Security Project'
disclosed a bug submitted by
b'c0d3p1ut0s'
b'Unsafe deserialization in Nexus Repository helm plugin'
10 Sep 2020
b'HackerOne'
disclosed a bug submitted by
b'haxta4ok00'
b'Team object in GraphQL disclosed private_comment'
10 Sep 2020
b'Twitter'
disclosed a bug submitted by
b'cyanpiny'
b'Safe Redirect Bypass '
10 Sep 2020
1
...
245
246
247
248
249
...
719
BY DENIS WERNER - @NOBBD -
IMPRESSUM