Top10 publishers:
bobrov107 
sp1d3rs54 
jobert45 
bl4de39 
bigbear_38 
guido38 Twitter
isox36 
4lemon35 
linkks35 
geeknik35 

the unofficial HackerOne disclosure timeline.

X
Flox disclosed a bug submitted by pradeepch99 
Content spoofing through Referel header
29 Aug 2015 timeline
Keybase disclosed a bug submitted by mafia 
NO SPF RECORDS
28 Aug 2015 timeline
Keybase disclosed a bug submitted by mom 
SMTP protection not used
28 Aug 2015 timeline
Phabricator disclosed a bug submitted by jbeta 
Dashboard panel embedded onto itself causes a denial of service
27 Aug 2015 timeline
concrete5 disclosed a bug submitted by jmpalk 
No csrf protection on index.php/ccm/system/user/add_group, index.php/ccm/system/user/remove_group
26 Aug 2015 timeline
concrete5 disclosed a bug submitted by jmpalk 
No CSRF protection when creating new community points actions, and related stored XSS
26 Aug 2015 timeline
DigitalSellz disclosed a bug submitted by s_p_q_r 
The email updates issues
25 Aug 2015 timeline
DigitalSellz disclosed a bug submitted by s_p_q_r 
The product/status method CSRF
25 Aug 2015 timeline
Shopify disclosed a bug submitted by alpha 
SSRF via 'Insert Image' feature of Products/Collections/Frontpage
24 Aug 2015 timeline
Zaption disclosed a bug submitted by aaj 
Open redirect filter bypass
24 Aug 2015 timeline
Shopify disclosed a bug submitted by 00day 
XSS https://delivery.shopifyapps.com/ (Digital Downloads App in myshopify.com)
24 Aug 2015 timeline
PHP disclosed a bug submitted by haquaman 
Null pointer deref (segfault) in spl_autoload via ob_start
23 Aug 2015 timeline
Gratipay disclosed a bug submitted by bobrov 
[gratipay.com] CRLF Injection
20 Aug 2015 timeline
Yahoo! disclosed a bug submitted by panchocosil 
Store XSS Flicker main page
14 Aug 2015 timeline
Yahoo! disclosed a bug submitted by kyprizel 
XSS using yql and developers console proxy
14 Aug 2015 timeline
Yahoo! disclosed a bug submitted by agarri_fr 
Bypass of anti-SSRF defenses in YahooCacheSystem (affecting at least YQL and Pipes)
14 Aug 2015 timeline
Yahoo! disclosed a bug submitted by jordanmilne 
Security.allowDomain("*") in SWFs on img.autos.yahoo.com allows data theft from Yahoo Mail (and others)
14 Aug 2015 timeline
Yahoo! disclosed a bug submitted by mildata 
XSS in my yahoo
14 Aug 2015 timeline
Yahoo! disclosed a bug submitted by adrianbelen 
clickjacking
14 Aug 2015 timeline
Yahoo! disclosed a bug submitted by 0ctac0der Twitter
Authentication Bypass in Yahoo Groups
14 Aug 2015 timeline
1 ... 280 281 282 283 284 ... 339
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM