REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'HackerOne'
disclosed a bug submitted by
b'haxta4ok00'
b'Unauthorized user can obtain `report_sources` attribute through Team GraphQL object'
10 Feb 2020
b'VLC (European Commission - DIG'
disclosed a bug submitted by
b'qrayn'
b'VLC 4.0.0 - Stack Buffer Overflow (SEH)'
10 Feb 2020
b'Localize'
disclosed a bug submitted by
b'zerboa'
b'2-factor authentication can be disabled when logged in without confirming account password'
10 Feb 2020
b'Stripo Inc'
disclosed a bug submitted by
b'qotoz'
b'csrf bypass using flash file + 307 redirect method at plugins endpoint'
10 Feb 2020
b'Stripo Inc'
disclosed a bug submitted by
b'anais'
b'Able to download any hosted content on AWS S3 bucket(stripo)'
10 Feb 2020
b'Nextcloud'
disclosed a bug submitted by
b'whitehattushu'
b'No session logout after changing password & alsoandroid sessions not shown in sessions list so they can be deleted'
09 Feb 2020
b'NordVPN'
disclosed a bug submitted by
b'th3pr0xyb0y'
b'No Rate Limit On Forgot Password Page Of NordVPN'
08 Feb 2020
b'TTS Bug Bounty'
disclosed a bug submitted by
b'johnh4x0r'
b'Content injection via URL parameter.'
08 Feb 2020
b'Twitter'
disclosed a bug submitted by
b'jayesh25'
b'Bypass Password Authentication for updating email and phone number - Security Vulnerability'
08 Feb 2020
b'Infogram'
disclosed a bug submitted by
b'4m4n'
b'Bypass to report #280389 [Thinking The issue is not fixed Yet]'
07 Feb 2020
b'Redtube'
disclosed a bug submitted by
b'johndoe1492'
b'Blind XSS in redtube administering site my.reflected.net'
07 Feb 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'ermilov'
b'[script-manager] Unintended require'
07 Feb 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'ermilov'
b'[jsreport] Remote Code Execution'
07 Feb 2020
b'Localize'
disclosed a bug submitted by
b'harr2'
b'The password limit is not set, [DoS].'
06 Feb 2020
b'Localize'
disclosed a bug submitted by
b'moodiabdoul3'
b'Stored XSS in Name of Team Member Invitation'
06 Feb 2020
b'Node.js'
disclosed a bug submitted by
b'rogierschouten'
b'Remotely trigger an assertion on a TLS server with a malformed certificate string'
06 Feb 2020
b'Localize'
disclosed a bug submitted by
b'hckit_02'
b'Nginx version is disclosed in HTTP response'
06 Feb 2020
b'Shopify'
disclosed a bug submitted by
b'fransrosen'
b'H1514 Remote Code Execution on kitcrm using bulk customer update of Priority Products'
06 Feb 2020
b'Razer'
disclosed a bug submitted by
b'unl1k3ly'
b'Request Smuggling vulnerability due a vulnerable skipper reverse proxy running in the environment.'
05 Feb 2020
b'Stripo Inc'
disclosed a bug submitted by
b'brumens'
b'Authorization for wp-admin directory are vulnerable to brute force.'
05 Feb 2020
1
...
285
286
287
288
289
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM