REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
55
b'ooooooo_q'
50
b'jon_bottarini'
49
b'haxta4ok00'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Automattic'
disclosed a bug submitted by
b'shivangmauryaa'
b'Open redirect via redirect_to parameter in tumblr.com'
05 Nov 2024
b'MacTaggart Scott'
disclosed a bug submitted by
b'goedix'
b'Overwrite any file of the web server'
05 Nov 2024
b'curl'
disclosed a bug submitted by
b'newfunction'
b'When curl uses Schannel as TLS backend, it fails to enforce TLS 1.3 cipher suite selections correctly'
04 Nov 2024
b'Basecamp'
disclosed a bug submitted by
b'thwin_htet'
b'Stored XSS on trix editor version 2.1.1'
04 Nov 2024
b'MTN Group'
disclosed a bug submitted by
b'haythem02'
b'Social media account takeover '
03 Nov 2024
b'ProductBoard, Inc.'
disclosed a bug submitted by
b'mous_haxk'
b'Insecure Invitation Link Handling'
31 Oct 2024
b'Acronis'
disclosed a bug submitted by
b'regexr'
b'Bypassing Recaptcha Protection in `https://connect.acronis.com`'
30 Oct 2024
b'Acronis'
disclosed a bug submitted by
b'mubassirpatel'
b'Blind XSS on admin.acronis.com via delete account form on account.acronis.com'
30 Oct 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'dwisiswant0'
b'ReDoS Vulnerability in HTTP Accept Headers Parsing'
30 Oct 2024
b'HackerOne'
disclosed a bug submitted by
b'akashhamal0x01'
b'Bypassing HackerOne 2FA due to race condition'
30 Oct 2024
b'MetaMask'
disclosed a bug submitted by
b'pkkr'
b'Missing Line Terminator on allowedOrigins enables origin spoofing'
29 Oct 2024
b'Mozilla'
disclosed a bug submitted by
b'hackeriron1'
b'#2 CSRF to Information disclosure on password cancel endpoint '
29 Oct 2024
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'hypervis0r'
b'Lack of rate limiting in https:///PKI/PassReset.aspx leads to PII disclosure and potential account takeover'
25 Oct 2024
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'0xym'
b'Unauthenticated LFI (Local File Inclusion) using the symbol `!` At the target `https:///`'
25 Oct 2024
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'k0x'
b'SQL Injection'
25 Oct 2024
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'exploitmsf'
b'CVE-2020-7961 RCE Liferay Portal Unauthenticated via https:///'
25 Oct 2024
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'badlifeguard'
b'Pull Any Automated Record Brief'
25 Oct 2024
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'badlifeguard'
b' SSN/EDPI'
25 Oct 2024
b'Hyperledger'
disclosed a bug submitted by
b'hackergandhi'
b'Memory Leak in bytes_to_hexstring Function'
24 Oct 2024
b'AWS VDP'
disclosed a bug submitted by
b'necr0mancer'
b'Information Disclosure Due To exposed .env file (Directory Listing) at '
22 Oct 2024
1
2
3
4
5
6
...
716
BY DENIS WERNER - @NOBBD -
IMPRESSUM