REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Stripo Inc'
disclosed a bug submitted by
b'hackthetime'
b'subdomain takeover at status-stage0.stripo.email'
30 Jan 2020
b'WordPress'
disclosed a bug submitted by
b'ajxchapman'
b'Wordpress unzip_file path traversal'
29 Jan 2020
b'Yelp'
disclosed a bug submitted by
b'bellpwn'
b'Multiple Vulnerabilities in (*.blog.yelp.com) - Leakage user admin Sensitive Exposure'
29 Jan 2020
b'Starbucks'
disclosed a bug submitted by
b'zude'
b"Account take over of 'light' starbuckscardb2b users"
29 Jan 2020
b'Starbucks'
disclosed a bug submitted by
b'laszaro'
b'WAF bypass via double encoded non standard ASCII chars permitted a reflected XSS on response page not found pages - (629745 bypass)'
29 Jan 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'johnssimon007'
b'[deliver-or-else] Path Traversal'
29 Jan 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'johnssimon007'
b'[md-fileserver] Path Traversal'
29 Jan 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'johnssimon007'
b'[file-browser] Inadequate Output Encoding and Escaping '
29 Jan 2020
b'Mail.ru'
disclosed a bug submitted by
b'orlserg'
b'Account takeover via CORS misconfigutation on https://beta.delivery-club.ru'
29 Jan 2020
b'Mail.ru'
disclosed a bug submitted by
b'johndoe1492'
b'SSRF in clients.city-mobil.ru'
29 Jan 2020
b'Mail.ru'
disclosed a bug submitted by
b'kiriknik'
b'Blind SQL Injection in city-mobil.ru domain'
29 Jan 2020
b'Starbucks'
disclosed a bug submitted by
b'neweq'
b'China - ecjobsdc.starbucks.com.cn html/shtml file upload vulnerability'
29 Jan 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'princechaddha'
b'Denial Of Service in Strapi Framework using argument injection'
28 Jan 2020
b'Stripo Inc'
disclosed a bug submitted by
b'checkm50'
b'Information disclosure through Server side resource forgery'
28 Jan 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'aaron_costello'
b'Prototype pollution in dot-prop'
28 Jan 2020
b'New Relic'
disclosed a bug submitted by
b'masterhackor'
b'Host Header Injection'
27 Jan 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'ronperris'
b'[url-parse] Improper Validation and Sanitization'
27 Jan 2020
b'Reverb.com'
disclosed a bug submitted by
b'muon4'
b'Race Condition allows to redeem multiple times gift cards which leads to free "money"'
25 Jan 2020
b'RATELIMITED'
disclosed a bug submitted by
b'amarbalosh'
b'xss in /users/[id]/set_tier endpoint'
25 Jan 2020
b'Flickr'
disclosed a bug submitted by
b'asad0x01_'
b'Arbitrary file read via ffmpeg HLS parser at https://www.flickr.com/photos/upload'
25 Jan 2020
1
...
289
290
291
292
293
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM