Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'58 
b'ooooooo_q'52 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'GitHub Security Lab' disclosed a bug submitted by b'porcupineyhairs' 
b'Golang : Improvements to Golang SSRF query'
11 Aug 2020 timeline
b'Zomato' disclosed a bug submitted by b'cybrot' 
b'Lack of Password Confirmation for Account Deletion'
11 Aug 2020 timeline
b'Dropcontact' disclosed a bug submitted by b'omarelfarsaoui' 
b'Unrestricted File Upload on https://app.dropcontact.io/app/upload/'
11 Aug 2020 timeline
b'Dropcontact' disclosed a bug submitted by b'kapkan' 
b'Host Header Injection.'
11 Aug 2020 timeline
b'Dropcontact' disclosed a bug submitted by b'kapkan' 
b'Unauthorized Access and updation of EMAIL settings of other user at https://app.dropcontact.io/app/sponsorship/ by changing the " email " parameter.'
11 Aug 2020 timeline
b'Visma Public' disclosed a bug submitted by b'vapour' 
b'Missing authorization allows sales only user to record payment.'
11 Aug 2020 timeline
b'Zomato' disclosed a bug submitted by b'zzzhacker13' 
b'[api.zomato.com] Abusing LocalParams (city_id) to Inject SOLR query'
11 Aug 2020 timeline
b'Zomato' disclosed a bug submitted by b'zzzhacker13' 
b'[www.zomato.com] Blind SQL Injection in /php/widgets_handler.php'
10 Aug 2020 timeline
b'Zomato' disclosed a bug submitted by b'zzzhacker13' 
b'[www.zomato.com] Blind SQL Injection in /php/geto2banner'
10 Aug 2020 timeline
b'Zomato' disclosed a bug submitted by b'zzzhacker13' 
b'[www.zomato.com] Abusing LocalParams (city) to Inject SOLR query'
10 Aug 2020 timeline
b'Grammarly' disclosed a bug submitted by b'cript0nauta' 
b"Unauthenticated users can access all food.grammarly.io user's data"
10 Aug 2020 timeline
b'Zomato' disclosed a bug submitted by b'zzzhacker13' 
b'Solr Injection in `user_id` parameter at :/v2/leaderboard_v2.json'
10 Aug 2020 timeline
b'Visma Public' disclosed a bug submitted by b'brdoors3' 
b'Access control on https://eaccounting.stage.vismaonline.com/'
09 Aug 2020 timeline
b'Zomato' disclosed a bug submitted by b'0xdexter' 
b'Ability to manipulate price with a max threshold of `<1 Rupee` in support rider parameter'
08 Aug 2020 timeline
b'Zomato' disclosed a bug submitted by b'pandaaaa' 
b'Availing Zomato gold by using a random third-party `wallet_id`'
07 Aug 2020 timeline
b'BugPoC' disclosed a bug submitted by b'acut3' 
b'Improper use of "path" parameter can be used to trick testers into leaking their Front-End PoC'
07 Aug 2020 timeline
b'Topcoder' disclosed a bug submitted by b'mase289' 
b'Blind stored XSS due to insecure contact form at https://www.topcoder.com leads to leakage of session token and other PII'
07 Aug 2020 timeline
b'Bitwarden' disclosed a bug submitted by b'njgadhiya' 
b'Server-Side Request Forgery in "icons.bitwarden.net"'
07 Aug 2020 timeline
b'GitLab' disclosed a bug submitted by b'rhynorater' 
b"Full Read SSRF on Gitlab's Internal Grafana"
07 Aug 2020 timeline
b'Dropcontact' disclosed a bug submitted by b'kapkan' 
b'User can Subscribe a plan that is hidden by manipulating the value of "subscription" parameter at [ https://app.dropcontact.io/app/checkout/]'
07 Aug 2020 timeline
1 ... 270 271 272 273 274 ... 730
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM