REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
bobrov
107
sp1d3rs
54
bigbear_
38
guido
37
bl4de
37
isox
36
geeknik
35
4lemon
35
edio
34
jobert
34
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
Khan Academy
disclosed a bug submitted by
rootbakar
Possible Take Over Subdomain For Inbound Emails
08 Nov 2018
Shopify
disclosed a bug submitted by
h13-
PII disclosure -- Past team members & their email ID(personal email) can be viewed by Staff member with no permissions on Partner Dashboard
08 Nov 2018
Shopify
disclosed a bug submitted by
rijalrojan
Disclosure of Github Issues
08 Nov 2018
HackerOne
disclosed a bug submitted by
adac95
Self DOM-Based XSS in www.hackerone.com
08 Nov 2018
HackerOne
disclosed a bug submitted by
tolo7010
Disclosure of top 10 vulnerability types for programs that haven't enabled the Insights feature
07 Nov 2018
HackerOne
disclosed a bug submitted by
ateek
Proper verification is not done before sending invitations to researchers for certain private programs with rules e.g. "Participants must be US-based"
07 Nov 2018
Shopify
disclosed a bug submitted by
dr_dragon
Stored xss
07 Nov 2018
DuckDuckGo
disclosed a bug submitted by
smither
DOM XSS on 50x.html page on proxy.duckduckgo.com
07 Nov 2018
Shopify
disclosed a bug submitted by
palant
App messaging can be hijacked by third-party websites
07 Nov 2018
Shopify
disclosed a bug submitted by
palant
Admin bar: Incomplete message origin validation results in XSS
07 Nov 2018
Ubiquiti Networks
disclosed a bug submitted by
hamlon
UniFi Video Server - Broken access control on system configuration
07 Nov 2018
Ubiquiti Networks
disclosed a bug submitted by
hamlon
UniFi Video Server - Arbitrary file upload as SYSTEM
07 Nov 2018
TTS Bug Bounty
disclosed a bug submitted by
cablej_dds
Redirect on authorization allows account compromise
06 Nov 2018
PayPal
disclosed a bug submitted by
stefanofinding
XSS [flow] - on www.paypal.com/paypalme/my/landing (requires user interaction)
06 Nov 2018
Mail.Ru
disclosed a bug submitted by
bobrov
[info.tmgame.mail.ru] Apache Server Status
06 Nov 2018
Mail.Ru
disclosed a bug submitted by
bobrov
[evo2.my.com] Internet Explorer XSS
06 Nov 2018
Mail.Ru
disclosed a bug submitted by
bobrov
[lk-cdn.3igames.mail.ru] apc.php
06 Nov 2018
Mail.Ru
disclosed a bug submitted by
bobrov
[new.wf.mail.ru] XSS Request-URI
06 Nov 2018
Mail.Ru
disclosed a bug submitted by
bobrov
[beta.tracker.my.com] XSS Request-URI
06 Nov 2018
Mail.Ru
disclosed a bug submitted by
bobrov
[gamesventures.mail.ru] Publicly accessible GIT directory
06 Nov 2018
1
2
3
4
5
6
...
313
BY DENIS WERNER - @NOBBD -
IMPRESSUM
