REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
81
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
58
b'ooooooo_q'
52
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Open-Xchange'
disclosed a bug submitted by
b'orange'
b'Pre-auth buffer over-read in Dovecot NTLM implementation'
13 Aug 2020
b'Open-Xchange'
disclosed a bug submitted by
b'orange'
b'Pre-auth Denial-of-Service in Dovecot RPA implementation'
13 Aug 2020
b'GitHub Security Lab'
disclosed a bug submitted by
b'luchua'
b'Java: CWE-798 - Hardcoded AWS credentials'
12 Aug 2020
b'Acronis'
disclosed a bug submitted by
b'full109tun'
b'Content Spoofing'
12 Aug 2020
b'BugPoC'
disclosed a bug submitted by
b'bad5ect0r'
b'XSS Challenge #2 Solution'
12 Aug 2020
b'BugPoC'
disclosed a bug submitted by
b'ivarsvids'
b'DOM based Cross-site Scripting'
12 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'xaleraf4ra'
b'[performancemarketing.geekbrains.ru] Tilda Subdomain Takeover'
12 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'nitin1205'
b'Bypass OTP on contact back request at https://driver.city-mobil.ru/'
12 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'steal_wart'
b'Subdomain takeover at msproject.geekbrains.ru'
12 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'dedsec69'
b'Vertical Privilege Escalation on {target.my.com}'
12 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'anyday'
b'[c-api.city-mobil.ru] IDOR chat messages between driver and customer'
12 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'shuraros'
b'tracker.my.com information disclosure via csrf bypass'
12 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'shuraros'
b'information disclosure via IDOR on "https://target.my.com/api/v2/coverage/segment.json?id={id}" endpoint'
12 Aug 2020
b'Visma Public'
disclosed a bug submitted by
b'vapour'
b'A sales only user can edit the purchase invoice drafts.'
12 Aug 2020
b'Visma Public'
disclosed a bug submitted by
b'vapour'
b'Improper access control allows sales only user to view bank balance of company accounts.'
12 Aug 2020
b'GitHub Security Lab'
disclosed a bug submitted by
b'grzegol'
b'LDAP injection vulnerability in Java'
11 Aug 2020
b'GitHub Security Lab'
disclosed a bug submitted by
b'porcupineyhairs'
b'Golang : Improvements to Golang SSRF query'
11 Aug 2020
b'Zomato'
disclosed a bug submitted by
b'cybrot'
b'Lack of Password Confirmation for Account Deletion'
11 Aug 2020
b'Dropcontact'
disclosed a bug submitted by
b'omarelfarsaoui'
b'Unrestricted File Upload on https://app.dropcontact.io/app/upload/'
11 Aug 2020
b'Dropcontact'
disclosed a bug submitted by
b'kapkan'
b'Host Header Injection.'
11 Aug 2020
1
...
271
272
273
274
275
...
732
BY DENIS WERNER - @NOBBD -
IMPRESSUM