REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Node.js third-party modules'
disclosed a bug submitted by
b'mik317'
b'[npm-git-publish] RCE via insecure command formatting'
11 Jan 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'ayerobot'
b'Stored XSS (Hexo-admin plugin)'
11 Jan 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'mik317'
b'[meta-git] RCE via insecure command formatting'
11 Jan 2020
b'Node.js'
disclosed a bug submitted by
b'vavkamil'
b'CRLF Injection in legacy url API (url.parse().hostname)'
10 Jan 2020
b'NordVPN'
disclosed a bug submitted by
b'bobby6102000'
b'Version problem in wordpress leads to the many vulnearability'
10 Jan 2020
b'SEMrush'
disclosed a bug submitted by
b'zcashi'
b'Unrestricted file upload in www.semrush.com > /my_reports/api/v1/upload/image'
10 Jan 2020
b'Razer'
disclosed a bug submitted by
b'corraldev'
b'Reflected XSS at https://pay.gold.razer.com escalated to account takeover'
10 Jan 2020
b'Node.js'
disclosed a bug submitted by
b'tosh'
b'Hostname spoofing'
10 Jan 2020
b'Mail.ru'
disclosed a bug submitted by
b'bounty-'
b'unauthorized access to add admin endpoint '
09 Jan 2020
b'Mail.ru'
disclosed a bug submitted by
b'sparks'
b'Race condition ??? ??????? ???????? ?? games.mail.ru'
09 Jan 2020
b'Razer'
disclosed a bug submitted by
b't4kemyh4nd'
b'[IDOR] API endpoint leaking sensitive user information'
09 Jan 2020
b'Ian Dunn'
disclosed a bug submitted by
b'bruteforce'
b'Dos https://iandunn.name/ via CVE-2018-6389 exploitation'
09 Jan 2020
b'8x8'
disclosed a bug submitted by
b'kingragnar'
b'Access to ?????????????? due to weak credentials'
08 Jan 2020
b'Dovecot'
disclosed a bug submitted by
b'nick_roessler'
b'Two heap use-after-free errors in IMAP operations'
08 Jan 2020
b'PayPal'
disclosed a bug submitted by
b'alexbirsan'
b"Token leak in security challenge flow allows retrieving victim's PayPal email and plain text password"
08 Jan 2020
b'WordPress'
disclosed a bug submitted by
b'simonscannell'
b'Potential unprivileged Stored XSS through wp_targeted_link_rel'
08 Jan 2020
b'NordVPN'
disclosed a bug submitted by
b'cassiomcampos'
b'DoS of https://nordvpn.com/ via CVE-2018-6389 exploitation'
08 Jan 2020
b'Stripo Inc'
disclosed a bug submitted by
b'jasongardner'
b'Clickjacking on my.stripo.email for MailChimp credentials '
08 Jan 2020
b'Ian Dunn'
disclosed a bug submitted by
b'shrimant_yogi'
b'xmlrpc.php FILE IS enable it can be used for conducting a Bruteforce attack and Denial of Service(DoS)'
07 Jan 2020
b'LifeOmic'
disclosed a bug submitted by
b'base_64'
b'open redirect while login at https://apps.dev.jupiterone.io can leak access code.'
06 Jan 2020
1
...
293
294
295
296
297
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM