REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Stellar.org'
disclosed a bug submitted by
b'vyshnav_nk'
b'xss'
23 Feb 2020
b'Stellar.org'
disclosed a bug submitted by
b'abo-jehad'
b'brute force attack allowed on admin page https://www.stellar.org/wp-admin/'
23 Feb 2020
b'Stellar.org'
disclosed a bug submitted by
b'hach3ro'
b'Admin panel of https://www.stellar.org/wp-admin/'
23 Feb 2020
b'Maximum'
disclosed a bug submitted by
b'zeop'
b'x-request-id header reflected in server response without sanitization'
22 Feb 2020
b'Automattic'
disclosed a bug submitted by
b'hacki3boy'
b'Modify account details by exploiting clickjacking vulnerability on refer.wordpress.com'
22 Feb 2020
b'Twitter'
disclosed a bug submitted by
b'kunal94'
b'Periscope android app deeplink leads to CSRF in follow action'
21 Feb 2020
b'Twitter'
disclosed a bug submitted by
b'nyuszika7h'
b'iOS app crashed by specially crafted direct message reactions'
21 Feb 2020
b'Twitter'
disclosed a bug submitted by
b'lorenznickel'
b"Twitter Source Label allow 'mongolian vowel separator' U+180E (app name)"
21 Feb 2020
b'Twitter'
disclosed a bug submitted by
b'jubabaghdad'
b'Reflected XSS in twitterflightschool.com'
21 Feb 2020
b'HackerOne'
disclosed a bug submitted by
b'japz'
b'"Bounties paid in the last 90 days" discloses the undisclosed bounty amount in program statistics'
21 Feb 2020
b'NordVPN'
disclosed a bug submitted by
b'hexgold'
b'Race condition (TOCTOU) in NordVPN can result in local privilege escalation'
21 Feb 2020
b'NordVPN'
disclosed a bug submitted by
b'aplis'
b'Email address is not validated, No Rate Limit and RCE On Forgot Password Page Of affiliates.nordvpn.com'
21 Feb 2020
b'NordVPN'
disclosed a bug submitted by
b'kiriknik'
b'Html Injection and Possible XSS in main nordvpn.com domain'
21 Feb 2020
b'NordVPN'
disclosed a bug submitted by
b'hridoy-ahmed'
b'Cross Origin Resource Sharing Misconfiguration | Lead to sensitive information'
21 Feb 2020
b'NordVPN'
disclosed a bug submitted by
b'zaitunoil'
b'Past payments using the Direct Debit method keep subscriptions active even if payments fail'
21 Feb 2020
b'NordVPN'
disclosed a bug submitted by
b'hassancypher'
b'Host header injection/redirection | signup and login page'
21 Feb 2020
b'NordVPN'
disclosed a bug submitted by
b'shardulb_23'
b'CORS Misconfiguration on nordvpn.com leading to Private Information Disclosure,Account takeover'
21 Feb 2020
b'RATELIMITED'
disclosed a bug submitted by
b'miguel_santareno'
b'Cross Site Request Forgery in auth in https://auth.ratelimited.me/'
21 Feb 2020
b'NordVPN'
disclosed a bug submitted by
b'x54xc3'
b'nordvpn Linux Desktop executable application does not use pie / no ASLR'
21 Feb 2020
b'HackerOne'
disclosed a bug submitted by
b'msdian7'
b'Email address of any user can be queried on Report Invitation GraphQL type when username is known'
20 Feb 2020
1
...
281
282
283
284
285
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM