REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
bobrov
107
sp1d3rs
54
jobert
45
bl4de
39
bigbear_
38
guido
38
isox
36
4lemon
35
linkks
35
geeknik
35
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
Twitter
disclosed a bug submitted by
avram
DOM Cross-Site Scripting ( XSS )
03 Dec 2014
Eobot
disclosed a bug submitted by
psych0tr1a
Multiple information disclosure
01 Dec 2014
wont-fix
Twitter
disclosed a bug submitted by
siddiki
Flaw in valid password policy.
30 Nov 2014
wont-fix
Eobot
disclosed a bug submitted by
masatokinugawa
XSS in www.eobot.com(IE9 only)
29 Nov 2014
Twitter
disclosed a bug submitted by
mohdhaji87
Broken authentication and invalidated email address leads to account takeover
28 Nov 2014
wont-fix
Twitter
disclosed a bug submitted by
anshuman_bh
Creating Unauthorized Audience Lists
28 Nov 2014
wont-fix
IRCCloud
disclosed a bug submitted by
internetwache
Weak password policy
27 Nov 2014
wont-fix
Coinbase
disclosed a bug submitted by
prakharprasad
Coinbase Android Application - Bitcoin Wallet Leaks OAuth Response Code
26 Nov 2014
99designs
disclosed a bug submitted by
ashesh
Source Code Disclosure (PHP)
26 Nov 2014
Ruby on Rails
disclosed a bug submitted by
nahamsec
Arbitrary file existence disclosure in Action Pack
20 Nov 2014
Factlink
disclosed a bug submitted by
nahamsec
File name/folder enumeration.
18 Nov 2014
IRCCloud
disclosed a bug submitted by
hari-cybex
Password type input with auto-complete enabled
17 Nov 2014
wont-fix
IRCCloud
disclosed a bug submitted by
hari-cybex
Missing Character Restriction
17 Nov 2014
wont-fix
Twitter
disclosed a bug submitted by
shahriyar
Token remains alive ever after logging out!
17 Nov 2014
wont-fix
The Internet
disclosed a bug submitted by
mik
rsync hash collisions may allow an attacker to corrupt or modify files
17 Nov 2014
Secret
disclosed a bug submitted by
vinothkumar
Broken Authentication and Session Management
17 Nov 2014
Square
disclosed a bug submitted by
cliffordtrigo
XSS [BookFresh]
17 Nov 2014
ExpressionEngine
disclosed a bug submitted by
deadlock
Stored Cross-Site Scripting Vulnerability in /admin.php?/cp/admin_system/general_configuration
17 Nov 2014
Square
disclosed a bug submitted by
cliffordtrigo
XSS in Client Past Activity
17 Nov 2014
Square
disclosed a bug submitted by
avlidienbrunn
CRITICAL Account takeover via AngularJS template injection in connect.squareup.com
17 Nov 2014
1
...
304
305
306
307
308
...
339
BY DENIS WERNER - @NOBBD -
IMPRESSUM
