REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
bobrov
107
sp1d3rs
54
jobert
41
bigbear_
38
bl4de
37
guido
37
isox
36
4lemon
35
geeknik
35
edio
34
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
Twitter
disclosed a bug submitted by
satishb3
fabric.io - app member can make himself an admin
09 Mar 2015
Twitter
disclosed a bug submitted by
satishb3
Fabric.io - an app admin can delete team members from other user apps
09 Mar 2015
Vimeo
disclosed a bug submitted by
dekeeu
player.vimeo.com - Reflected XSS Vulnerability
09 Mar 2015
Twitter
disclosed a bug submitted by
wesecureapp
XSS in original referrer after follow
09 Mar 2015
Phabricator
disclosed a bug submitted by
haquaman
Server Side Request Forgery in macro creation
09 Mar 2015
wont-fix
InVision
disclosed a bug submitted by
root_z3r0
Password reset tokens is valid after changing the password by logging in the account
08 Mar 2015
wont-fix
HackerOne
disclosed a bug submitted by
srkgupta
HTTPS is not enforced for objects stored by HackerOne on Amazon S3
08 Mar 2015
Vimeo
disclosed a bug submitted by
a7medel-ma7alawy
Full account takeover via Add a New Email to account without email verified and without password confirmation.
06 Mar 2015
wont-fix
Vimeo
disclosed a bug submitted by
shahmeer_amir
Poodle bleed vulnerability in cloud sub domain
05 Mar 2015
Dropbox
disclosed a bug submitted by
nishantagarwala
Unvalidated Redirects and Stored XSS
05 Mar 2015
wont-fix
Mobile Vikings
disclosed a bug submitted by
4lemon
Stored XSS in Direct debit name
04 Mar 2015
Mobile Vikings
disclosed a bug submitted by
4lemon
Number, username and name disclosure
04 Mar 2015
Mobile Vikings
disclosed a bug submitted by
4lemon
Reflected xss in user name thru cookie
04 Mar 2015
Mobile Vikings
disclosed a bug submitted by
4lemon
Stored xss in user name
04 Mar 2015
wont-fix
Mobile Vikings
disclosed a bug submitted by
4lemon
Stored xss in user name (2) affected another user.
04 Mar 2015
Mobile Vikings
disclosed a bug submitted by
4lemon
Username and sim id enum
04 Mar 2015
wont-fix
Mobile Vikings
disclosed a bug submitted by
4lemon
Approve topup method by sender of this method
04 Mar 2015
PHP
disclosed a bug submitted by
andreapalazzo
SoapClient's __call() type confusion through unserialize()
03 Mar 2015
Vimeo
disclosed a bug submitted by
fin1te
Ability to Download Music Tracks Without Paying (Missing permission check on`/musicstore/download`)
01 Mar 2015
The Internet
disclosed a bug submitted by
dirtybit
Bad Write in TTF font parsing (win32k.sys)
01 Mar 2015
1
...
286
287
288
289
290
...
327
BY DENIS WERNER - @NOBBD -
IMPRESSUM
