REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Mail.ru'
disclosed a bug submitted by
b'act1on3'
b'[panel.city-mobil.ru/admin/] Blind XSS into username'
14 Apr 2020
b'Legal Robot'
disclosed a bug submitted by
b'aninax'
b'Cloudflare issue: Error 521 Ray ID: 2e7ea7f706ea4056 \xe2\x80\xa2 2016-09-25 12:59:55 UTC Web server is down'
13 Apr 2020
b'8x8'
disclosed a bug submitted by
b'sandrogauci'
b'Outdated Coturn is vulnerable to known vulnerabilities (High)'
13 Apr 2020
b'Topcoder'
disclosed a bug submitted by
b'bonikia97'
b'PII of Users Disclosure using "/members/invite/" endpoint'
13 Apr 2020
b'Stripo Inc'
disclosed a bug submitted by
b'doctor_spooky'
b'Unrestricted File Upload on https://my.stripo.email and https://stripo.email'
13 Apr 2020
b'MTN Group'
disclosed a bug submitted by
b'itsafolic1'
b'Account Take over of millions of MTN users account due to lack of Rate limiting when sending OTP code'
13 Apr 2020
b'Zenly'
disclosed a bug submitted by
b'ticzox'
b'Insecure Storage and Overly Permissive API Keys in Android App'
12 Apr 2020
b'MTN Group'
disclosed a bug submitted by
b'kcz'
b"OTP bypass - Unintended disclosure of OTP to client allows attacker to manage users' subscriptions"
11 Apr 2020
b'BCM Messenger'
disclosed a bug submitted by
b'dedsec69'
b'IDOR leading to downloading of any attachment'
11 Apr 2020
b'8x8'
disclosed a bug submitted by
b'adam99'
b'Insecure OAuth redirection at [admin.8x8.vc]'
10 Apr 2020
b'Nextcloud'
disclosed a bug submitted by
b'jlord87'
b"User can delete data in shared folders he's not autorized to access"
10 Apr 2020
b'Ubiquiti Inc.'
disclosed a bug submitted by
b'giany'
b'Unauthenticated request allows changing hostname'
10 Apr 2020
b'Nextcloud'
disclosed a bug submitted by
b'protex0r'
b'Code injection in macOS Desktop Client '
10 Apr 2020
b'Nextcloud'
disclosed a bug submitted by
b'at5djl3pwjmunyutnoatp'
b'"Secure View" aka "Hide Download" can be bypassed easily'
10 Apr 2020
b'Stripo Inc'
disclosed a bug submitted by
b'c1kada'
b'SSRF in Export template to ActiveCampaign'
10 Apr 2020
b'Stripo Inc'
disclosed a bug submitted by
b'codeslayer137'
b'HTTP Request Smuggling on my.stripo.email'
10 Apr 2020
b'Shopify'
disclosed a bug submitted by
b'ngalog'
b'CSRF on connecting Paypal as Payment Provider'
10 Apr 2020
b'Equifax'
disclosed a bug submitted by
b'lijhazo'
b'Information Leak (Github)'
09 Apr 2020
b'Genasys Technologies'
disclosed a bug submitted by
b'mahmutyazici'
b'Improper Input Validation on payment page'
09 Apr 2020
b'Razer'
disclosed a bug submitted by
b's3cr3tsdn'
b'SQL Injection at https://sea-web.gold.razer.com/lab/cash-card-incomplete-translog-resend via period-hour Parameter'
08 Apr 2020
1
...
267
268
269
270
271
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM