REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
84
b'linkks'
75
b'jobert'
70
b'nyymi'
64
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'CS Money'
disclosed a bug submitted by
b'khoabda1'
b'IDOR in https://3d.cs.money/'
28 Sep 2020
b'CS Money'
disclosed a bug submitted by
b'khoabda1'
b'Bypass restrict of member subscription to use custom background in https://3d.cs.money without prime subscription'
28 Sep 2020
b'Nextcloud'
disclosed a bug submitted by
b'warsocks'
b'Missing server side controls when editing the board\xe2\x80\x99s sharing permissions per user'
28 Sep 2020
b'Nextcloud'
disclosed a bug submitted by
b'xam24'
b'No rate limiting on sinup page'
28 Sep 2020
b'Nextcloud'
disclosed a bug submitted by
b'alx_il'
b'Re-Sharing allows increase of privileges'
28 Sep 2020
b'CS Money'
disclosed a bug submitted by
b'khoabda1'
b'Bypass Filter on link of build'
28 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'0xd0ff'
b'[m-server] XSS reflected because path does not escapeHtml'
28 Sep 2020
b'concrete5'
disclosed a bug submitted by
b'javakhishvili'
b'Unauthenticated HTML Injection Stored - ContactUs form'
25 Sep 2020
b'concrete5'
disclosed a bug submitted by
b'javakhishvili'
b'Cross Site Scripting (XSS) Stored - Private messaging'
25 Sep 2020
b'HackerOne'
disclosed a bug submitted by
b'vakzz'
b'Reflected XSS on www.hackerone.com via Wistia embed code'
24 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'mik317'
b'[snekserve] Stored XSS via filenames HTML formatted'
24 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'mik317'
b'[commit-msg] RCE via insecure command formatting'
24 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'mik317'
b'[gity] RCE via insecure command formatting'
24 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'lightangel1412'
b'[http_server] Path Traversal allowing to read any files on the server'
24 Sep 2020
b'Twitter'
disclosed a bug submitted by
b'alesandroortiz'
b'Android WebViews in Twitter app are vulnerable to UXSS due to configuration and CVE-2020-6506'
24 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'lightangel1412'
b'[hnzserver] Path Traversal allowing to read any files on the server'
24 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'mik317'
b'[git-lib] RCE via insecure command formatting'
24 Sep 2020
b'Visma Public'
disclosed a bug submitted by
b'zeop'
b'Bypassing Business ID/VAT # validation during registration to create accounts with duplicate Business ID/VAT #'
24 Sep 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'ahihi'
b'property-expr - Prototype pollution'
24 Sep 2020
b'Starbucks'
disclosed a bug submitted by
b'xmfc'
b'China - IDOR on Reservation Staging/Non Production Site - https://reservation.stg.starbucks.com.cn'
22 Sep 2020
1
...
265
266
267
268
269
...
741
BY DENIS WERNER - @NOBBD -
IMPRESSUM
