REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'8x8'
disclosed a bug submitted by
b'madrobot'
b'XSS (Cross site scripting) on https://apimgr.8x8.com'
09 Jun 2020
b'8x8'
disclosed a bug submitted by
b'madrobot'
b'Reflected XSS on http://axa.dxi.eu'
09 Jun 2020
b'8x8'
disclosed a bug submitted by
b'whitehatmat'
b'Directory listing of https://get8x8.com/'
09 Jun 2020
b'8x8'
disclosed a bug submitted by
b'madrobot'
b'Xss (cross site scripting) on http://axa.dxi.eu/'
09 Jun 2020
b'InnoGames'
disclosed a bug submitted by
b'aeswagyewgyes'
b'Impersonation and ticket id enumeration on support.innogames.com'
09 Jun 2020
b'WordPress'
disclosed a bug submitted by
b'simonscannell'
b'RCE as Admin defeats WordPress hardening and file permissions'
09 Jun 2020
b'8x8'
disclosed a bug submitted by
b'sandrogauci'
b'Open TURN relay abuse is possible due to lack of peer access control (Critical)'
08 Jun 2020
b'DRIVE.NET, Inc.'
disclosed a bug submitted by
b'what_web'
b'[www.drive2.ru] There is no rate limit for comments endpoints.'
08 Jun 2020
b'GitLab'
disclosed a bug submitted by
b'vakzz'
b'gitlab-workhorse bypass in Gitlab::Middleware::Multipart allowing files in `allowed_paths` to be read'
08 Jun 2020
b'GitLab'
disclosed a bug submitted by
b'vakzz'
b'SSRF on project import via the remote_attachment_url on a Note'
07 Jun 2020
b'Semmle'
disclosed a bug submitted by
b'thehackerish'
b'Docker Registry HTTP API v2 exposed in HTTP without authentication leads to docker images dumping and poisoning'
06 Jun 2020
b'GitHub Security Lab'
disclosed a bug submitted by
b'grzegol'
b'CodeQL query to detect JNDI injections'
05 Jun 2020
b'HackerOne'
disclosed a bug submitted by
b'msdian7'
b'Unauthorized access to metadata of undisclosed reports that were retested'
05 Jun 2020
b'GitHub Security Lab'
disclosed a bug submitted by
b'logicmap'
b'gagliardetto: Query to detect incorrect conversion between numeric types'
04 Jun 2020
b'GitHub Security Lab'
disclosed a bug submitted by
b'grzegol'
b'CodeQL query to detect open Spring Boot actuator endpoints'
04 Jun 2020
b'GitHub Security Lab'
disclosed a bug submitted by
b'someonenobbd'
b'CPP: Missing/incomplete TLS server certificate hostname validation'
04 Jun 2020
b'GitHub Security Lab'
disclosed a bug submitted by
b'luchua'
b'[Java] CWE-939 - Address improper URL authorization'
04 Jun 2020
b'Mail.ru'
disclosed a bug submitted by
b'rainbow_json'
b'[pulse.mail.ru] ?????? ? ?????????? ????? ????????'
04 Jun 2020
b'Mail.ru'
disclosed a bug submitted by
b'urban_tramp'
b'XSS on https://deti.mail.ru/'
04 Jun 2020
b'Mail.ru'
disclosed a bug submitted by
b'byq'
b'[my.games] Stored XSS via untrusted bucket'
04 Jun 2020
1
...
252
253
254
255
256
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM