REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
58
b'ooooooo_q'
52
b'haxta4ok00'
49
b'jon_bottarini'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Nextcloud'
disclosed a bug submitted by
b'section1'
b'Events information leaked with shared calendars on recurrence exceptions'
14 Jun 2024
b'Nextcloud'
disclosed a bug submitted by
b'7h3b4dg3r'
b'Read-only users can restore old versions'
14 Jun 2024
b'Nextcloud'
disclosed a bug submitted by
b'lourcode'
b'Code injection in Nextcloud Desktop Client for macOS'
14 Jun 2024
b'HackerOne'
disclosed a bug submitted by
b'nagli'
b'[Spot Check] - Ability to disclose metadata about Spot Checks (Number of Hackers + Hackers Criteria) via "SpotCheckSingleQuery"'
11 Jun 2024
b'HackerOne'
disclosed a bug submitted by
b'youstin'
b"[ Spot Check ] Team members can edit a user's write-up"
06 Jun 2024
b'EXNESS'
disclosed a bug submitted by
b'alexandrio'
b'GraphQL attribute Batching DOS can take down pwapi.ex2b.com'
04 Jun 2024
b'WakaTime'
disclosed a bug submitted by
b'hasn0x'
b'IDOR to view order information of users and personal information'
02 Jun 2024
b'Basecamp'
disclosed a bug submitted by
b'fr4via'
b'Account takeover via insecure intent handling '
30 May 2024
b'HackerOne'
disclosed a bug submitted by
b'zy9ard3'
b"[hackerone.com] Program's old handles are not blacklisted like usernames and allows reclaim over past handles for potential abuse"
30 May 2024
b'Nextcloud'
disclosed a bug submitted by
b'lukasreschke'
b'user_oidc allows registering new accounts by going through ID4Me flow'
30 May 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'iylz'
b'Proxy-Authorization header not cleared on cross-origin redirect in undici.request'
29 May 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'tniessen'
b'Path traversal by monkey-patching Buffer internals'
29 May 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'tniessen'
b'Improper handling of wildcards in --allow-fs-read and --allow-fs-write'
29 May 2024
b'ExpressionEngine'
disclosed a bug submitted by
b'd3addog'
b'Non-authenticated path traversal leading to arbitrary file read '
28 May 2024
b'ExpressionEngine'
disclosed a bug submitted by
b'd0bby'
b'Import/Convert user file exposure leading to logins/passwords/PII leak. '
28 May 2024
b'ExpressionEngine'
disclosed a bug submitted by
b'd0bby'
b'Arbitrary comment content change with GET CSRF. '
28 May 2024
b'ExpressionEngine'
disclosed a bug submitted by
b'd0bby'
b'Arbitrary forum topic close with GET CSRF.'
28 May 2024
b'ExpressionEngine'
disclosed a bug submitted by
b'd0bby'
b'Comment/channel unsubscribe GET CSRF'
28 May 2024
b'ExpressionEngine'
disclosed a bug submitted by
b'd0bby'
b'Stored XSS filter bypass on discussion forum. "URL" tag. '
28 May 2024
b'ExpressionEngine'
disclosed a bug submitted by
b'd0bby'
b'Stored XSS filter bypass on discussion forum. '
28 May 2024
1
...
27
28
29
30
31
...
724
BY DENIS WERNER - @NOBBD -
IMPRESSUM
