REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
83
b'linkks'
75
b'jobert'
70
b'nyymi'
62
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Helium'
disclosed a bug submitted by
b'amr321'
b'Read-Only user can delete users'
10 Jul 2020
b'Twitter'
disclosed a bug submitted by
b'updatelap'
b'Ability to bruteforce mopub account\xe2\x80\x99s password due to lack of rate limitation protection using {ip rotation techniques}'
10 Jul 2020
b'Maximum'
disclosed a bug submitted by
b'what_web'
b'[www.werkenbijbakertilly.nl] Denial of service due to incorrect server return can result in total denial of service.'
10 Jul 2020
b'Maximum'
disclosed a bug submitted by
b'what_web'
b'[www.werkenbijderet.nl] There is no rate limit for vacature-alert endpoints'
10 Jul 2020
b'Moneybird'
disclosed a bug submitted by
b'ant_pyne'
b"Pending MFA logins aren't immediatly expired after a password change"
10 Jul 2020
b'TTS Bug Bounty'
disclosed a bug submitted by
b'justchillin'
b'Blind SSRF on https://labs.data.gov/dashboard/Campaign/json_status/ Endpoint'
10 Jul 2020
b'GitHub Security Lab'
disclosed a bug submitted by
b'd3lla'
b'[javascript] CWE-020: CodeQL query to detect missing origin validation in cross-origin communication via postMessage'
09 Jul 2020
b'Automattic'
disclosed a bug submitted by
b'fuzzme'
b'[tumblr.com] 69< Firefox Only XSS Reflected'
09 Jul 2020
b'Nextcloud'
disclosed a bug submitted by
b'arezthehopebuster_'
b'Full path disclosure vulnerability via Upload .htaccess file'
09 Jul 2020
b'Nextcloud'
disclosed a bug submitted by
b'jmdx'
b'Non-admin users can trigger writes to memcached by entering a malicious server as a share URL'
09 Jul 2020
b'Zomato'
disclosed a bug submitted by
b'defparam'
b'Stealing Zomato X-Access-Token: in Bulk using HTTP Request Smuggling on api.zomato.com'
09 Jul 2020
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'notdeghost'
b'CSRF Account Deletion on ??? Website'
09 Jul 2020
b'TTS Bug Bounty'
disclosed a bug submitted by
b'justchillin'
b'Limited LFI'
09 Jul 2020
b'Urban Dictionary'
disclosed a bug submitted by
b'schirgel'
b'Bypass voting restriction due to HTTP Header Injection'
08 Jul 2020
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'pi_hunter50'
b'Unrestricted File Upload Leads to XSS & Potential RCE'
08 Jul 2020
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'flav_'
b'Subdomain takeover of ????'
08 Jul 2020
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'pi_hunter50'
b'Stored XSS at ??????userprofile.aspx'
08 Jul 2020
b'Nextcloud'
disclosed a bug submitted by
b'hitman_47'
b'Unrestricted file upload on the image of contacts'
08 Jul 2020
b'Rockstar Games'
disclosed a bug submitted by
b'netfuzzer'
b'CSRF Vulnerability on post creation page /community/create-post.json'
07 Jul 2020
b'Rockstar Games'
disclosed a bug submitted by
b'netfuzzer'
b'csrf in https://www.rockstargames.com/reddeadonline/feedback/submit.json'
07 Jul 2020
1
...
286
287
288
289
290
...
738
BY DENIS WERNER - @NOBBD -
IMPRESSUM