REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
bobrov
114
linkks
73
geeknik
70
sp1d3rs
62
jobert
51
guido
45
bl4de
42
ryat
40
bigbear_
38
zombiehelp54
37
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
Binary.com
disclosed a bug submitted by
roshanpty
HTML injection via 'underlying' parameter
24 Jul 2016
Coinbase
disclosed a bug submitted by
roshanpty
The 'Create a New Account' action is vulnerable to CSRF
24 Jul 2016
Coinbase
disclosed a bug submitted by
roshanpty
An adversary can overwhelm the resources by automating Forgot password/Sign Up requests
24 Jul 2016
GlassWire
disclosed a bug submitted by
xiaoyinl
Bypass GlassWire's monitoring of Hosts file
23 Jul 2016
FantasyTote
disclosed a bug submitted by
shawarkhan
Insecure password change mechanism may lead to full account takeover
23 Jul 2016
FantasyTote
disclosed a bug submitted by
ahsantahirat
No email verification required when we change email from settings
23 Jul 2016
FantasyTote
disclosed a bug submitted by
bains
Session doesn't expired after login
23 Jul 2016
Uber
disclosed a bug submitted by
netfuzzer
xss vulnerability in http://ubermovement.com/community/daniel
21 Jul 2016
drchrono
disclosed a bug submitted by
s_p_q_r
Template stored XSS
21 Jul 2016
ok.ru
disclosed a bug submitted by
exploitraja
Missing proper error message.
21 Jul 2016
drchrono
disclosed a bug submitted by
cliffordtrigo
Accessing all appointments vulnerability
21 Jul 2016
Mail.Ru
disclosed a bug submitted by
c37hun
HTML Injection ?? e.mail.ru
20 Jul 2016
Mail.Ru
disclosed a bug submitted by
malcolmx
Cross Site Request Forgery (CSRF)
20 Jul 2016
Gratipay
disclosed a bug submitted by
sh4dow
Username .. (double dot) should be restricted or handled carefully
20 Jul 2016
LeaseWeb
disclosed a bug submitted by
arbaz_hussain
Directory Listening
20 Jul 2016
Gratipay
disclosed a bug submitted by
jackds
limit HTTP methods on other domains
19 Jul 2016
Nextcloud
disclosed a bug submitted by
bugdiscloseguy
Read-only share recipient can restore old versions of file
19 Jul 2016
Nextcloud
disclosed a bug submitted by
detroitsmash
Uploading files to a folder where invited user don't have any EDIT privilege
19 Jul 2016
Nextcloud
disclosed a bug submitted by
fransrosen
Stored XSS on Share-popup of a directory's Gallery-view
19 Jul 2016
Nextcloud
disclosed a bug submitted by
apok
Log pollution can lead to HTML Injection.
19 Jul 2016
1
...
280
281
282
283
284
...
391
BY DENIS WERNER - @NOBBD -
IMPRESSUM