REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Roblox'
disclosed a bug submitted by
b'jfc5sb'
b'Insecure redirect rule results in bypassing ban redirect on certain pages'
26 Apr 2020
b'Slack'
disclosed a bug submitted by
b'akaki'
b'URL link spoofing'
26 Apr 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'visat'
b'[Total.js] Path traversal vulnerability allows to read files outside public directory'
25 Apr 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'mik317'
b'[git-promise] RCE via insecure command formatting'
25 Apr 2020
b'Cuvva'
disclosed a bug submitted by
b'fsm'
b'Time-limit Bypassing, Rate-limit Bypassing and Spamming at https://ops.cuvva.co'
24 Apr 2020
b'Roblox'
disclosed a bug submitted by
b'geekboy'
b'Subdomain Takeover to Authentication bypass '
23 Apr 2020
b'Uber'
disclosed a bug submitted by
b'healdb'
b'ubernycmarketplace.com is vulnerable to the Heartbleed Bug'
23 Apr 2020
b'Uber'
disclosed a bug submitted by
b'peroni'
b'Full Path and internal information disclosure+ SQLNet.log file disclose internal network information'
23 Apr 2020
b'Visma Public'
disclosed a bug submitted by
b'gamliel'
b'Able to continue user creation process after deleting the HTML element that shows the message that the session is closed'
23 Apr 2020
b'Omise'
disclosed a bug submitted by
b'rioncool22'
b'Signup with any email and enable 2FA without verifying email'
23 Apr 2020
b'Stripo Inc'
disclosed a bug submitted by
b'what_web'
b'[www.stripo.email] You can override the speed limit by adding the X-Forwarded-For header.'
23 Apr 2020
b'Ruby'
disclosed a bug submitted by
b'jeremyevans'
b'Variant of CVE-2013-0269 (Denial of Service and Unsafe Object Creation Vulnerability in JSON)'
23 Apr 2020
b'Mail.ru'
disclosed a bug submitted by
b'empty-jack'
b'[v7lk.relap.io] Sending arbitrary emails to any user'
22 Apr 2020
b'Mail.ru'
disclosed a bug submitted by
b'ksapphire'
b'Mail.Ru Top - Website Counter Bruteforcing'
22 Apr 2020
b'Mail.ru'
disclosed a bug submitted by
b'act1on3'
b'[c-api.city-mobil.ru] Client authentication bypass leads to information disclosure'
22 Apr 2020
b'Mail.ru'
disclosed a bug submitted by
b'risinghunter'
b'mailgun subdomain takeover on "email.mail.geekbrains.ru"'
22 Apr 2020
b'Mail.ru'
disclosed a bug submitted by
b'iframe'
b'[staging.tarantool.org] Github Pages Subdomain-take-over '
22 Apr 2020
b'Mail.ru'
disclosed a bug submitted by
b'elmahdi'
b'Information Disclosure [ https://curious.ru/api/submissions ]'
22 Apr 2020
b'NordVPN'
disclosed a bug submitted by
b'skyplabs'
b"The Linux binaries (nordvpn and nordvpnd) don't use PIE/ASLR"
22 Apr 2020
b'HackerOne'
disclosed a bug submitted by
b'd4rk_g1rl'
b"An invite-only's program submission state is accessible to users no longer part of the program"
21 Apr 2020
1
...
265
266
267
268
269
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM