REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
81
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
58
b'ooooooo_q'
52
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'LINE'
disclosed a bug submitted by
b'j0eii'
b'Insufficient access control on all BCRM instances leading to the ability to create admin accounts using the API'
03 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'kursadalsan'
b'Open Redirect at "city-mobil.ru"'
03 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'aslanemre'
b'xss while uploading a file'
03 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'pisarenko'
b'xss on [storehouse5.ucs.ru]'
03 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'mehulpanchal007'
b'Reflected XSS in "keywords" parameter at "https://sbermarket.ru/metro/search"'
03 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'weev3kyaw'
b'Account takeover through password reset in cups.mail.ru'
03 Aug 2020
b'Mail.ru'
disclosed a bug submitted by
b'shuraros'
b'relap.io IDOR'
03 Aug 2020
b'Nextcloud'
disclosed a bug submitted by
b'pshknst'
b'Anonymous file drop page ignores user profile visibility restrictions'
03 Aug 2020
b'Facebook'
disclosed a bug submitted by
b'yashrs'
b'Facebook - Reputation Sync For #267890541047618'
02 Aug 2020
b'LINE'
disclosed a bug submitted by
b'ledz1996'
b'Get-based SSRF limited to HTTP protocol on https://resizer.line-apps.com/form'
02 Aug 2020
b'curl'
disclosed a bug submitted by
b'brumbrum'
b'curl overwrites local file with -J option if file non-readable, but file writable.'
01 Aug 2020
b'DuckDuckGo'
disclosed a bug submitted by
b'capuzsec'
b'XSS on Videos IA'
31 Jul 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'chalker'
b'Arbitrary code execution via untrusted schemas in is-my-json-valid'
31 Jul 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'chalker'
b"[is-my-json-valid] ReDoS via 'style' format"
31 Jul 2020
b'Dropcontact'
disclosed a bug submitted by
b'kapkan'
b'Ngnix Server version disclosure.'
31 Jul 2020
b'Visma Public'
disclosed a bug submitted by
b'artebels'
b'Reverse Tabnabbing in printing source document images'
31 Jul 2020
b'LINE'
disclosed a bug submitted by
b'hackerontwowheels'
b'Path traversal in filename in LINE Mac client'
31 Jul 2020
b'Mail.ru'
disclosed a bug submitted by
b'sudi'
b'Sidekiq Dashboard Publicly accessible at http://shopper.staging.instamart.ru/sidekiq/'
31 Jul 2020
b'Mail.ru'
disclosed a bug submitted by
b'avolume'
b'Stored self XSS at auto.mail.ru using add_review functionality'
31 Jul 2020
b'Valve'
disclosed a bug submitted by
b'jameslll'
b'ajaxgetachievementsforgame is not guarded for unreleased apps'
30 Jul 2020
1
...
273
274
275
276
277
...
732
BY DENIS WERNER - @NOBBD -
IMPRESSUM