REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
84
b'linkks'
75
b'jobert'
70
b'nyymi'
64
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'CS Money'
disclosed a bug submitted by
b'rootishere'
b'Content Spoofing/Text Injection in https://support.cs.money and JS file not minified and uglyfied which makes it clearly readable '
12 Nov 2020
b'QIWI'
disclosed a bug submitted by
b'circuit'
b'IDOR '
12 Nov 2020
b'QIWI'
disclosed a bug submitted by
b'circuit'
b' - access '
12 Nov 2020
b'QIWI'
disclosed a bug submitted by
b'circuit'
b'[qiwi.me] Stored XSS'
12 Nov 2020
b'
'
disclosed a bug submitted by
b'oversecured'
b'Android: Explanation of Access to app protected components vulnerability'
11 Nov 2020
b'Slack'
disclosed a bug submitted by
b'cyanpiny'
b'DoS on the Direct Messages'
11 Nov 2020
b'Mail.ru'
disclosed a bug submitted by
b'olidayw'
b"Disclosure of personal support email addresses on 'support-fleet.city-mobil.ru'"
11 Nov 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'ryotak'
b'[node-downloader-helper] Path traversal via Content-Disposition header'
11 Nov 2020
b'Google'
disclosed a bug submitted by
b'oversecured'
b"CVE-2020-8913 - Persistent arbitrary code execution in Android's Google Play Core Library: details, explanation and the PoC"
11 Nov 2020
b'Slack'
disclosed a bug submitted by
b'secalert'
b'Access to some Slack workspace metadata and settings available to unauthorized parties'
10 Nov 2020
b'Slack'
disclosed a bug submitted by
b'bubbounty'
b'Possibility to freeze/crash the host system of all Slack Desktop users easily'
10 Nov 2020
b'Slack'
disclosed a bug submitted by
b'pclinger'
b'Uninstalling Slack for Windows (64-bit), then reinstalling keeps you logged in without authentication'
10 Nov 2020
b'BugPoC'
disclosed a bug submitted by
b'pirateducky'
b'csp bypass leads to xss on wacky.buggywebsite.com'
10 Nov 2020
b'VK.com'
disclosed a bug submitted by
b'davscol94'
b'XSS Reflected in m.vk.com'
10 Nov 2020
b'Basecamp'
disclosed a bug submitted by
b'tw4v3sx'
b'a very long name in hey.com can prevent anyone from accessing their contacts and probably can cause denial of service'
10 Nov 2020
b'Dropbox'
disclosed a bug submitted by
b'sayaanalam'
b'Server Side Request Forgery (SSRF) at app.hellosign.com leads to AWS private keys disclosure'
10 Nov 2020
b'Acronis'
disclosed a bug submitted by
b'sayaanalam'
b'Ticket Trick at https://account.acronis.com'
10 Nov 2020
b'GitHub Security Lab'
disclosed a bug submitted by
b'luchua'
b'Java: Detect remote source from Android intent extra'
09 Nov 2020
b'Brave Software'
disclosed a bug submitted by
b'root_geek'
b'No rate limiting for confirmation email lead to email flooding and leads to enumeration of emails in publishers.basicattentiontoken.org'
09 Nov 2020
b'HackerOne'
disclosed a bug submitted by
b'nahamsec'
b"Blind Stored XSS in HackerOne's Sal 4.1.4.2149 (sal..com)"
09 Nov 2020
1
...
252
253
254
255
256
...
741
BY DENIS WERNER - @NOBBD -
IMPRESSUM
