REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Mail.ru'
disclosed a bug submitted by
b'organdonor'
b'Ability to find out the name of the database table and its columns'
30 Apr 2020
b'Mail.ru'
disclosed a bug submitted by
b'root0x0'
b'Http Response Splitting on thumb.cloud.mail.ru'
30 Apr 2020
b'Mail.ru'
disclosed a bug submitted by
b'wize'
b'CRLF Injection in 301 Redirect allow to Set-Cookies for mail.ru '
30 Apr 2020
b'Mail.ru'
disclosed a bug submitted by
b'dedsec69'
b'Information Disclosure on {http://pro.tracker.my.com}'
30 Apr 2020
b'Razer'
disclosed a bug submitted by
b'zathu'
b'Insecure HostnameVerifier within WebView of Razer Pay Android (TLS Vulnerability)'
30 Apr 2020
b'Razer'
disclosed a bug submitted by
b'reemer'
b'SQL Injection in https://api-my.pay.razer.com/inviteFriend/getInviteHistoryLog'
30 Apr 2020
b'Razer'
disclosed a bug submitted by
b'sambal0x'
b'[Razer Pay Mobile App] IDOR within /v1_IM/friends/queryDrawRedLog allowed unauthorised access to read logs'
30 Apr 2020
b'Starbucks'
disclosed a bug submitted by
b'b4bilal'
b'Korea - LFI Server directory traversal at starbucks.co.kr'
30 Apr 2020
b'Razer'
disclosed a bug submitted by
b'sambal0x'
b"Improper Authorization at https://api-my.pay.razer.com/v1/trxDetail?trxId=[Id] allowing unauthorised access to other user's transaction details"
30 Apr 2020
b'Razer'
disclosed a bug submitted by
b'sambal0x'
b'[Razer Pay Android App] Multiple vulnerabilities chained to allow "RedPacket" money to be stolen by a 3rd party'
30 Apr 2020
b'Roblox'
disclosed a bug submitted by
b'albertl'
b'Malformed string sent through FireServer leads to server freezing/hanging'
29 Apr 2020
b'HackerOne'
disclosed a bug submitted by
b'bencode'
b'Read-only team members can read all properties of webhooks'
29 Apr 2020
b'concrete5'
disclosed a bug submitted by
b'sunny0day'
b'XSS in select attribute options'
29 Apr 2020
b'Zomato'
disclosed a bug submitted by
b'nikhar123'
b'Mathematical error found in meals for one'
29 Apr 2020
b'Ping Identity'
disclosed a bug submitted by
b'bug_digger21'
b'Google Maps API key leaked during device pairing'
28 Apr 2020
b'Stripo Inc'
disclosed a bug submitted by
b'nihadp'
b'CORS on my.stripo.email'
28 Apr 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'posix'
b'Prototype pollution attack (lodash)'
27 Apr 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'macasun'
b'Crash Node.js process from handlebars using a small and simple source'
27 Apr 2020
b'GitLab'
disclosed a bug submitted by
b'vakzz'
b'Arbitrary file read via the UploadsRewriter when moving and issue'
27 Apr 2020
b'Shopify'
disclosed a bug submitted by
b'danerh'
b'Session works after logout from Shopify account and password of online store is displayed'
27 Apr 2020
1
...
264
265
266
267
268
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM