REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'PayPal'
disclosed a bug submitted by
b'linkks'
b'Reflected XSS at https://www.paypal.com/ppcreditapply/da/us'
19 May 2020
b'Starbucks'
disclosed a bug submitted by
b'nnez'
b'Thailand - IDOR on www.starbuckscardth.in.th: A logged in user could view any Thailand Starbucks card balance if they knew that Starbucks card number'
19 May 2020
b'LINE'
disclosed a bug submitted by
b'shaolin_tw'
b'Request smuggling on admin-official.line.me could lead to account takeover'
19 May 2020
b'Ruby on Rails'
disclosed a bug submitted by
b'travispew'
b'ActiveStorage direct upload fails to sign content-length header for S3 service'
18 May 2020
b'Ruby on Rails'
disclosed a bug submitted by
b'abuisman'
b'ActionController::Parameters .each returns an unsafe hash'
18 May 2020
b'Open-Xchange'
disclosed a bug submitted by
b'catenacyber'
b'Use after free in smtp_server_connection_handle_command'
18 May 2020
b'Open-Xchange'
disclosed a bug submitted by
b'catenacyber'
b'Null pointer dereference in SMTP server function smtp_string_parse'
18 May 2020
b'Clario'
disclosed a bug submitted by
b'sec0ndw0lf'
b'CORS Misconfiguration, could lead to disclosure of sensitive information (translate.kromtech.com)'
18 May 2020
b'InnoGames'
disclosed a bug submitted by
b'batee5a'
b'Chaining Bugs: Leakage of CSRF token which leads to Stored XSS and Account Takeover (xs1.tribalwars.cash)'
18 May 2020
b'curl'
disclosed a bug submitted by
b'geeknik'
b'Invalid write (or double free) triggers curl command line tool crash'
18 May 2020
b'InnoGames'
disclosed a bug submitted by
b'batee5a'
b'Race condition in activating email resulting in infinite amount of diamonds received'
18 May 2020
b'Clario'
disclosed a bug submitted by
b'dilawer01'
b'Multiple Links Vulnerable to Reflected xss'
17 May 2020
b'Clario'
disclosed a bug submitted by
b'dilawer01'
b'Reflected xss'
17 May 2020
b'Clario'
disclosed a bug submitted by
b'dilawer01'
b'Reflected xss on mackeeper.com'
17 May 2020
b'Clario'
disclosed a bug submitted by
b'dilawer01'
b'open redirect at https://account.mackeeper.com/auth/signin/continue via improper uri sanitization'
17 May 2020
b'MTN Group'
disclosed a bug submitted by
b'miguel_santareno'
b'SharePoint exposed web services in a subdomain'
16 May 2020
b'HackerOne'
disclosed a bug submitted by
b'p4fg'
b'404-response contains debug-information with all headers'
16 May 2020
b'ok.ru'
disclosed a bug submitted by
b'iframe'
b'?????????? CSRF ????? ?? ??????? ???????? ???????.'
15 May 2020
b'HackerOne'
disclosed a bug submitted by
b'amans'
b'Subdomain takeover of resources.hackerone.com'
15 May 2020
b'HackerOne'
disclosed a bug submitted by
b'haxta4ok00'
b'Customer private program can disclose email any users through invited via username'
15 May 2020
1
...
257
258
259
260
261
...
693
BY DENIS WERNER - @NOBBD -
IMPRESSUM