REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
84
b'linkks'
75
b'jobert'
70
b'nyymi'
65
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Stripo Inc'
disclosed a bug submitted by
b'whitehatmat'
b'Integer Overflow (CVE_2017_7529)'
13 Jul 2020
b'Stripo Inc'
disclosed a bug submitted by
b'dotsecurity'
b'SSRF via Export Service in ActiveCampaign'
13 Jul 2020
b'Ruby on Rails'
disclosed a bug submitted by
b'ooooooo_q'
b'File writing by Directory traversal at actionpack-page_caching and RCE by it'
13 Jul 2020
b'Helium'
disclosed a bug submitted by
b'amr321'
b'Read-Only user can delete users'
10 Jul 2020
b'Twitter'
disclosed a bug submitted by
b'updatelap'
b'Ability to bruteforce mopub account\xe2\x80\x99s password due to lack of rate limitation protection using {ip rotation techniques}'
10 Jul 2020
b'Maximum'
disclosed a bug submitted by
b'what_web'
b'[www.werkenbijbakertilly.nl] Denial of service due to incorrect server return can result in total denial of service.'
10 Jul 2020
b'Maximum'
disclosed a bug submitted by
b'what_web'
b'[www.werkenbijderet.nl] There is no rate limit for vacature-alert endpoints'
10 Jul 2020
b'Moneybird'
disclosed a bug submitted by
b'ant_pyne'
b"Pending MFA logins aren't immediatly expired after a password change"
10 Jul 2020
b'TTS Bug Bounty'
disclosed a bug submitted by
b'justchillin'
b'Blind SSRF on https://labs.data.gov/dashboard/Campaign/json_status/ Endpoint'
10 Jul 2020
b'GitHub Security Lab'
disclosed a bug submitted by
b'd3lla'
b'[javascript] CWE-020: CodeQL query to detect missing origin validation in cross-origin communication via postMessage'
09 Jul 2020
b'Automattic'
disclosed a bug submitted by
b'fuzzme'
b'[tumblr.com] 69< Firefox Only XSS Reflected'
09 Jul 2020
b'Nextcloud'
disclosed a bug submitted by
b'arezthehopebuster_'
b'Full path disclosure vulnerability via Upload .htaccess file'
09 Jul 2020
b'Nextcloud'
disclosed a bug submitted by
b'jmdx'
b'Non-admin users can trigger writes to memcached by entering a malicious server as a share URL'
09 Jul 2020
b'Zomato'
disclosed a bug submitted by
b'defparam'
b'Stealing Zomato X-Access-Token: in Bulk using HTTP Request Smuggling on api.zomato.com'
09 Jul 2020
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'notdeghost'
b'CSRF Account Deletion on ??? Website'
09 Jul 2020
b'TTS Bug Bounty'
disclosed a bug submitted by
b'justchillin'
b'Limited LFI'
09 Jul 2020
b'Urban Dictionary'
disclosed a bug submitted by
b'schirgel'
b'Bypass voting restriction due to HTTP Header Injection'
08 Jul 2020
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'pi_hunter50'
b'Unrestricted File Upload Leads to XSS & Potential RCE'
08 Jul 2020
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'flav_'
b'Subdomain takeover of ????'
08 Jul 2020
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'pi_hunter50'
b'Stored XSS at ??????userprofile.aspx'
08 Jul 2020
1
...
293
294
295
296
297
...
745
BY DENIS WERNER - @NOBBD -
IMPRESSUM
