REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
bobrov
114
linkks
73
geeknik
70
sp1d3rs
62
jobert
51
guido
45
bl4de
42
ryat
40
bigbear_
38
zombiehelp54
37
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
Slack
disclosed a bug submitted by
computerality
OSX slack:// protocol handler javascript injection
24 Jun 2016
Nextcloud
disclosed a bug submitted by
zeroknife
REG: Content provider information leakage
24 Jun 2016
HackerOne
disclosed a bug submitted by
arneswinnen
Web Authentication Endpoint Credentials Brute-Force Vulnerability
23 Jun 2016
Bime
disclosed a bug submitted by
michiel
Subdomain takeover due to unclaimed Amazon S3 bucket on a2.bime.io
22 Jun 2016
ThisData
disclosed a bug submitted by
7h0r4pp4n
Host Header Poisoning in thisdata.com
22 Jun 2016
bitaccess
disclosed a bug submitted by
geekboy
BYASSING OTP Verification
22 Jun 2016
Pornhub
disclosed a bug submitted by
awake
CSV Macro injection in Video Manager (CEMI)
22 Jun 2016
Pornhub
disclosed a bug submitted by
zephrfish
Public Facing Barracuda Login
22 Jun 2016
Pornhub
disclosed a bug submitted by
mak
Multiple endpoints are vulnerable to XML External Entity injection (XXE)
22 Jun 2016
Pornhub
disclosed a bug submitted by
zephrfish
PornIQ Reflected Cross-Site Scripting
22 Jun 2016
Mail.Ru
disclosed a bug submitted by
samidrif
Code source discloure & ability to get database information "SQL injection" in [townwars.mail.ru]
22 Jun 2016
Romit
disclosed a bug submitted by
eboda
Session Fixation
22 Jun 2016
Nextcloud
disclosed a bug submitted by
japongskie
No Rate Limiting on stats.nextcloud.com login
22 Jun 2016
Zomato
disclosed a bug submitted by
dejavuln
Instagram OAuth2 Implementation Leaks Access Token; Allows for Cross-Site Script Inclusion (XSSI)
22 Jun 2016
Nextcloud
disclosed a bug submitted by
vivek_patil
WordPress Vulnerabilities: User Enumeration, Vulnerable Akismet Plugin, XML-RPC Interface available
22 Jun 2016
Slack
disclosed a bug submitted by
mkbb
Unauthenticated Access to some old file thumbnails
21 Jun 2016
HackerOne
disclosed a bug submitted by
jthetechguy
All information is not removed from published reports
21 Jun 2016
Nextcloud
disclosed a bug submitted by
armfox97
Deny access to download.nextcloud.com + folders
21 Jun 2016
Shopify
disclosed a bug submitted by
ksaurabh
Fetching external resources through svg images
21 Jun 2016
Ruby
disclosed a bug submitted by
guido
Heap corruption in string.c tr_trans() due to undersized buffer
21 Jun 2016
1
...
287
288
289
290
291
...
391
BY DENIS WERNER - @NOBBD -
IMPRESSUM