Top10 publishers:
bobrov114 
linkks73 
geeknik70 
sp1d3rs62 
jobert51 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 
zombiehelp5437 Twitter

the unofficial HackerOne disclosure timeline.

X
Uber disclosed a bug submitted by r0t Twitter
Possibility to brute force invite codes in riders.uber.com
13 Jun 2016 timeline
Uber disclosed a bug submitted by patrik 
Stored Cross Site Scripting [SELF] in partners.uber.com
13 Jun 2016 timeline
Uber disclosed a bug submitted by blueberryinfosec 
Create account in uber without signup form
13 Jun 2016 timeline
Uber disclosed a bug submitted by xss001 
Self-XSS Vulnerability on Password Reset Form
13 Jun 2016 timeline
Uber disclosed a bug submitted by rohk 
Active Email Hyperlink Sent on riders.uber.com
13 Jun 2016 timeline
drchrono disclosed a bug submitted by sasi2103 Twitter
XML Parser Bug: XXE over which leads to RCE
13 Jun 2016 timeline
drchrono disclosed a bug submitted by mugeesahmed 
XSS in Blog
13 Jun 2016 timeline
drchrono disclosed a bug submitted by ahsantahirat 
Ngnix Server version disclosure
13 Jun 2016 timeline
drchrono disclosed a bug submitted by muzammilabbaskayani 
Bypassing Password Reset
13 Jun 2016 timeline
drchrono disclosed a bug submitted by ullger 
Bypass password complexity requirements on passsword reset page
13 Jun 2016 timeline
drchrono disclosed a bug submitted by bashlogic 
node.drchrono.com - Information Disclosure and Windows Host Exposed
13 Jun 2016 timeline
drchrono disclosed a bug submitted by yaworsk Twitter
Stored XSS via AngularJS Injection
13 Jun 2016 timeline
New Relic disclosed a bug submitted by shailesh4594 
Open redirection bypass
13 Jun 2016 timeline
Moneybird disclosed a bug submitted by hackheaven123 
Stored XSS in Financial Account executing in Bank tab
13 Jun 2016 timeline
New Relic disclosed a bug submitted by vikinghoarder 
rpm.newrelic.com - monitor creation to other accounts
13 Jun 2016 timeline
Moneybird disclosed a bug submitted by hackheaven 
Malicious File Upload
13 Jun 2016 timeline
Moneybird disclosed a bug submitted by yaworsk Twitter
Employees with Any Permissions Can Create App with Full Permissions and Perform any API Action
13 Jun 2016 timeline
Moneybird disclosed a bug submitted by trabajoduro 
CSV Injection with the CSV export feature
13 Jun 2016 timeline
Veris disclosed a bug submitted by ashishdhaduk 
Security Vulnerability - SMTP protection not used
12 Jun 2016 timeline
Veris disclosed a bug submitted by aziose 
Wordpress Pingback DDoS Attacks in domain: veris.in
12 Jun 2016 timeline
1 ... 292 293 294 295 296 ... 391
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM