REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
83
b'linkks'
75
b'jobert'
70
b'nyymi'
62
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'8x8'
disclosed a bug submitted by
b'madrobot'
b'[CRITICAL] Sql Injection on http://axa.dxi.eu'
09 Jun 2020
b'8x8'
disclosed a bug submitted by
b'madrobot'
b'[CRITICAL] Remote code execution on http://axa.dxi.eu'
09 Jun 2020
b'8x8'
disclosed a bug submitted by
b'p4nk4jv'
b'xmlrpc.php file enabled'
09 Jun 2020
b'8x8'
disclosed a bug submitted by
b'madrobot'
b'Stored XSS agent_status '
09 Jun 2020
b'8x8'
disclosed a bug submitted by
b'madrobot'
b'Bypass Email activation on http://axa.dxi.eu'
09 Jun 2020
b'8x8'
disclosed a bug submitted by
b'l34r00t'
b'Sensitive data disclosure via exposed phpunit file'
09 Jun 2020
b'8x8'
disclosed a bug submitted by
b'madrobot'
b'XSS (Cross site scripting) on https://apimgr.8x8.com'
09 Jun 2020
b'8x8'
disclosed a bug submitted by
b'madrobot'
b'Reflected XSS on http://axa.dxi.eu'
09 Jun 2020
b'8x8'
disclosed a bug submitted by
b'whitehatmat'
b'Directory listing of https://get8x8.com/'
09 Jun 2020
b'8x8'
disclosed a bug submitted by
b'madrobot'
b'Xss (cross site scripting) on http://axa.dxi.eu/'
09 Jun 2020
b'InnoGames'
disclosed a bug submitted by
b'aeswagyewgyes'
b'Impersonation and ticket id enumeration on support.innogames.com'
09 Jun 2020
b'WordPress'
disclosed a bug submitted by
b'simonscannell'
b'RCE as Admin defeats WordPress hardening and file permissions'
09 Jun 2020
b'8x8'
disclosed a bug submitted by
b'sandrogauci'
b'Open TURN relay abuse is possible due to lack of peer access control (Critical)'
08 Jun 2020
b'DRIVE.NET, Inc.'
disclosed a bug submitted by
b'what_web'
b'[www.drive2.ru] There is no rate limit for comments endpoints.'
08 Jun 2020
b'GitLab'
disclosed a bug submitted by
b'vakzz'
b'gitlab-workhorse bypass in Gitlab::Middleware::Multipart allowing files in `allowed_paths` to be read'
08 Jun 2020
b'GitLab'
disclosed a bug submitted by
b'vakzz'
b'SSRF on project import via the remote_attachment_url on a Note'
07 Jun 2020
b'Semmle'
disclosed a bug submitted by
b'thehackerish'
b'Docker Registry HTTP API v2 exposed in HTTP without authentication leads to docker images dumping and poisoning'
06 Jun 2020
b'GitHub Security Lab'
disclosed a bug submitted by
b'grzegol'
b'CodeQL query to detect JNDI injections'
05 Jun 2020
b'HackerOne'
disclosed a bug submitted by
b'msdian7'
b'Unauthorized access to metadata of undisclosed reports that were retested'
05 Jun 2020
b'GitHub Security Lab'
disclosed a bug submitted by
b'logicmap'
b'gagliardetto: Query to detect incorrect conversion between numeric types'
04 Jun 2020
1
...
298
299
300
301
302
...
738
BY DENIS WERNER - @NOBBD -
IMPRESSUM