REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'MobiSystems Ltd.'
disclosed a bug submitted by
b'emmano'
b'Firebase Firestore insecure database'
13 Feb 2020
b'Visma Bug Bounty Program'
disclosed a bug submitted by
b'anglecutter'
b"Stored XSS in 'Notes'"
13 Feb 2020
b'Ruby'
disclosed a bug submitted by
b'd3athstrok3'
b'Source code disclosed via S3 Bucket'
13 Feb 2020
b'8x8'
disclosed a bug submitted by
b'l34r00t'
b'Sensitive information disclosure'
12 Feb 2020
b'8x8'
disclosed a bug submitted by
b'konqi'
b'(Critical) Remote Code Execution Through Old TinyMCE upload bypass'
12 Feb 2020
b'8x8'
disclosed a bug submitted by
b'0x496'
b'Reflected xss on 8x8.com subdomain'
12 Feb 2020
b'Blueboard'
disclosed a bug submitted by
b'0_0eth0'
b'Leak of Internel IP, Browser, Browser version, OS, & Much more through Selenium Grid Console'
12 Feb 2020
b'Endless Hosting'
disclosed a bug submitted by
b'codermak'
b'Modify Host Header which is sent to email'
12 Feb 2020
b'Endless Hosting'
disclosed a bug submitted by
b'gr3yc4t26'
b'CVE-2017-8779 exploit on open rpcbind port could lead to remote DoS'
12 Feb 2020
b'Yelp'
disclosed a bug submitted by
b'md15ev'
b'No rate limiting for confirmation email lead to email flooding'
11 Feb 2020
b'Starbucks'
disclosed a bug submitted by
b'nnez'
b'Thailand - Insecure Direct Object Reference permits an unauthorized user to transfer funds from a victim using only the victims Starbucks card'
11 Feb 2020
b'HackerOne'
disclosed a bug submitted by
b'haxta4ok00'
b'Unauthorized user can obtain `report_sources` attribute through Team GraphQL object'
10 Feb 2020
b'VLC (European Commission - DIG'
disclosed a bug submitted by
b'qrayn'
b'VLC 4.0.0 - Stack Buffer Overflow (SEH)'
10 Feb 2020
b'Localize'
disclosed a bug submitted by
b'zerboa'
b'2-factor authentication can be disabled when logged in without confirming account password'
10 Feb 2020
b'Stripo Inc'
disclosed a bug submitted by
b'qotoz'
b'csrf bypass using flash file + 307 redirect method at plugins endpoint'
10 Feb 2020
b'Stripo Inc'
disclosed a bug submitted by
b'anais'
b'Able to download any hosted content on AWS S3 bucket(stripo)'
10 Feb 2020
b'Nextcloud'
disclosed a bug submitted by
b'whitehattushu'
b'No session logout after changing password & alsoandroid sessions not shown in sessions list so they can be deleted'
09 Feb 2020
b'NordVPN'
disclosed a bug submitted by
b'th3pr0xyb0y'
b'No Rate Limit On Forgot Password Page Of NordVPN'
08 Feb 2020
b'TTS Bug Bounty'
disclosed a bug submitted by
b'johnh4x0r'
b'Content injection via URL parameter.'
08 Feb 2020
b'Twitter'
disclosed a bug submitted by
b'jayesh25'
b'Bypass Password Authentication for updating email and phone number - Security Vulnerability'
08 Feb 2020
1
...
284
285
286
287
288
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM