Top10 publishers:
bobrov114 
linkks74 
geeknik71 
sp1d3rs62 
jobert54 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 
zombiehelp5437 Twitter

the unofficial HackerOne disclosure timeline.

X
Instacart disclosed a bug submitted by cablej Twitter
Brute force login and bypass locked account restrictions via iOS app
19 Sep 2016 timeline
Shopify disclosed a bug submitted by nismo 
XSS in SHOPIFY: Unsanitized Supplier Name can lead to XSS in Transfers Timeline
19 Sep 2016 timeline
Shopify disclosed a bug submitted by nismo 
Unsanitized Location Name in POS Channel can lead to XSS in Orders Timeline
19 Sep 2016 timeline
Shopify disclosed a bug submitted by ysx 
Access to Splunk via shard3-db2.ec2.shopify.com endpoint
19 Sep 2016 timeline
OLX disclosed a bug submitted by surajsp 
full path disclosure vulnerability at https://security.olx.com/*
19 Sep 2016 timeline
Boozt Fashion AB disclosed a bug submitted by 0x00iam_hack3r 
Http header injection
19 Sep 2016 timeline
Legal Robot disclosed a bug submitted by paramdham 
No valid SPF record
19 Sep 2016 timeline
Legal Robot disclosed a bug submitted by paramdham 
Rate limiting on Email confirmation link
19 Sep 2016 timeline
Uber disclosed a bug submitted by dups 
Attacker could setup reminder remotely using brute force
19 Sep 2016 timeline
Boozt Fashion AB disclosed a bug submitted by yassineaboukir 
Host header poisoning leads to account password reset links hijacking
17 Sep 2016 timeline
OLX disclosed a bug submitted by nayranama 
Full Account Takeover
17 Sep 2016 timeline
Instacart disclosed a bug submitted by tbmnull Twitter
shopper login_code's can be brute forced
17 Sep 2016 timeline
Udemy disclosed a bug submitted by w3b7ricks73r 
NON VALIDATION OF SESSIONS AFTER PASSWORD CHANGE
16 Sep 2016 timeline
Mail.Ru disclosed a bug submitted by konqi 
[tidaltrek.mail.ru] SQL Injection
16 Sep 2016 timeline
Legal Robot disclosed a bug submitted by paramdham 
- Guessing registered users in legalrobot.com
16 Sep 2016 timeline
Legal Robot disclosed a bug submitted by paramdham 
Rate limiting on password reset links
16 Sep 2016 timeline
Uber disclosed a bug submitted by gopinath6 
User regisrtration money wallet link issue
16 Sep 2016 timeline
Uber disclosed a bug submitted by temmyscript 
Changing paymentProfileUuid when booking a trip allows free rides
15 Sep 2016 timeline
Instacart disclosed a bug submitted by trad_zero_h 
CSRF To change Email Notification Settings
15 Sep 2016 timeline
Instacart disclosed a bug submitted by cablej Twitter
API OAuth Public Key disclosure in mobile app
15 Sep 2016 timeline
1 ... 291 292 293 294 295 ... 417
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM