Top10 publishers:
bobrov114 
linkks73 
geeknik70 
sp1d3rs62 
jobert51 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 
zombiehelp5437 Twitter

the unofficial HackerOne disclosure timeline.

X
Binary.com disclosed a bug submitted by roshanpty 
HTML injection via 'underlying' parameter
24 Jul 2016 timeline
Coinbase disclosed a bug submitted by roshanpty 
The 'Create a New Account' action is vulnerable to CSRF
24 Jul 2016 timeline
Coinbase disclosed a bug submitted by roshanpty 
An adversary can overwhelm the resources by automating Forgot password/Sign Up requests
24 Jul 2016 timeline
GlassWire disclosed a bug submitted by xiaoyinl 
Bypass GlassWire's monitoring of Hosts file
23 Jul 2016 timeline
FantasyTote disclosed a bug submitted by shawarkhan 
Insecure password change mechanism may lead to full account takeover
23 Jul 2016 timeline
FantasyTote disclosed a bug submitted by ahsantahirat 
No email verification required when we change email from settings
23 Jul 2016 timeline
FantasyTote disclosed a bug submitted by bains 
Session doesn't expired after login
23 Jul 2016 timeline
Uber disclosed a bug submitted by netfuzzer 
xss vulnerability in http://ubermovement.com/community/daniel
21 Jul 2016 timeline
drchrono disclosed a bug submitted by s_p_q_r 
Template stored XSS
21 Jul 2016 timeline
ok.ru disclosed a bug submitted by exploitraja 
Missing proper error message.
21 Jul 2016 timeline
drchrono disclosed a bug submitted by cliffordtrigo Twitter
Accessing all appointments vulnerability
21 Jul 2016 timeline
Mail.Ru disclosed a bug submitted by c37hun 
HTML Injection ?? e.mail.ru
20 Jul 2016 timeline
Mail.Ru disclosed a bug submitted by malcolmx 
Cross Site Request Forgery (CSRF)
20 Jul 2016 timeline
Gratipay disclosed a bug submitted by sh4dow 
Username .. (double dot) should be restricted or handled carefully
20 Jul 2016 timeline
LeaseWeb disclosed a bug submitted by arbaz_hussain 
Directory Listening
20 Jul 2016 timeline
Gratipay disclosed a bug submitted by jackds 
limit HTTP methods on other domains
19 Jul 2016 timeline
Nextcloud disclosed a bug submitted by bugdiscloseguy 
Read-only share recipient can restore old versions of file
19 Jul 2016 timeline
Nextcloud disclosed a bug submitted by detroitsmash 
Uploading files to a folder where invited user don't have any EDIT privilege
19 Jul 2016 timeline
Nextcloud disclosed a bug submitted by fransrosen 
Stored XSS on Share-popup of a directory's Gallery-view
19 Jul 2016 timeline
Nextcloud disclosed a bug submitted by apok 
Log pollution can lead to HTML Injection.
19 Jul 2016 timeline
1 ... 280 281 282 283 284 ... 391
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM