Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'83 
b'linkks'75 
b'jobert'70 
b'nyymi'62 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Topcoder' disclosed a bug submitted by b'bonikia97' 
b'PII of Users Disclosure using "/members/invite/" endpoint'
13 Apr 2020 timeline
b'Stripo Inc' disclosed a bug submitted by b'doctor_spooky' 
b'Unrestricted File Upload on https://my.stripo.email and https://stripo.email'
13 Apr 2020 timeline
b'MTN Group' disclosed a bug submitted by b'itsafolic1' 
b'Account Take over of millions of MTN users account due to lack of Rate limiting when sending OTP code'
13 Apr 2020 timeline
b'Zenly' disclosed a bug submitted by b'ticzox' 
b'Insecure Storage and Overly Permissive API Keys in Android App'
12 Apr 2020 timeline
b'MTN Group' disclosed a bug submitted by b'kcz' 
b"OTP bypass - Unintended disclosure of OTP to client allows attacker to manage users' subscriptions"
11 Apr 2020 timeline
b'BCM Messenger' disclosed a bug submitted by b'dedsec69' 
b'IDOR leading to downloading of any attachment'
11 Apr 2020 timeline
b'8x8' disclosed a bug submitted by b'adam99' 
b'Insecure OAuth redirection at [admin.8x8.vc]'
10 Apr 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'jlord87' 
b"User can delete data in shared folders he's not autorized to access"
10 Apr 2020 timeline
b'Ubiquiti Inc.' disclosed a bug submitted by b'giany' 
b'Unauthenticated request allows changing hostname'
10 Apr 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'protex0r' 
b'Code injection in macOS Desktop Client '
10 Apr 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'at5djl3pwjmunyutnoatp' 
b'"Secure View" aka "Hide Download" can be bypassed easily'
10 Apr 2020 timeline
b'Stripo Inc' disclosed a bug submitted by b'c1kada' 
b'SSRF in Export template to ActiveCampaign'
10 Apr 2020 timeline
b'Stripo Inc' disclosed a bug submitted by b'codeslayer137' 
b'HTTP Request Smuggling on my.stripo.email'
10 Apr 2020 timeline
b'Shopify' disclosed a bug submitted by b'ngalog' 
b'CSRF on connecting Paypal as Payment Provider'
10 Apr 2020 timeline
b'Equifax' disclosed a bug submitted by b'lijhazo' 
b'Information Leak (Github)'
09 Apr 2020 timeline
b'Genasys Technologies' disclosed a bug submitted by b'mahmutyazici' 
b'Improper Input Validation on payment page'
09 Apr 2020 timeline
b'Razer' disclosed a bug submitted by b's3cr3tsdn' 
b'SQL Injection at https://sea-web.gold.razer.com/lab/cash-card-incomplete-translog-resend via period-hour Parameter'
08 Apr 2020 timeline
b'Razer' disclosed a bug submitted by b's3cr3tsdn' 
b'[SSRF] Server-Side Request Forgery at https://sea-web.gold.razer.com/dev/simulator via notify_url Parameter'
08 Apr 2020 timeline
b'Razer' disclosed a bug submitted by b's3cr3tsdn' 
b'Source Code Disclosure'
08 Apr 2020 timeline
b'Razer' disclosed a bug submitted by b's3cr3tsdn' 
b'SQL injection at https://sea-web.gold.razer.com/demo-th/goto-e2p-web-api.php via Multiple Parameters'
08 Apr 2020 timeline
1 ... 313 314 315 316 317 ... 738
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM