REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
81
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
58
b'ooooooo_q'
52
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Slack'
disclosed a bug submitted by
b'sandrogauci'
b'Slack DTLS uses a private key that is in the public domain, which may lead to SRTP stream hijack'
12 Mar 2020
b'Slack'
disclosed a bug submitted by
b'sandrogauci'
b'TURN server allows TCP and UDP proxying to internal network, localhost and meta-data services'
12 Mar 2020
b'Monero'
disclosed a bug submitted by
b'consistent-dream'
b'Monero wallet password change is confirmed when not matching'
11 Mar 2020
b'Monero'
disclosed a bug submitted by
b'ahook'
b'Potential linkage of public/private (anonymous) node addresses'
11 Mar 2020
b'HackerOne'
disclosed a bug submitted by
b'jobert'
b'HackerOne Pentesters can access any structured scope object through GraphQL node interface'
11 Mar 2020
b'Razer'
disclosed a bug submitted by
b'0x496'
b'Reflected XSS on molpay.com with cloudflare bypass'
11 Mar 2020
b'Razer'
disclosed a bug submitted by
b's3cr3tsdn'
b'Insecure Processing of XML leads to Denial of Service through Billion Laughs Attack'
11 Mar 2020
b'Razer'
disclosed a bug submitted by
b'l00ph0le'
b'Store Cross-Site Scripting - www.razer.ru'
11 Mar 2020
b'Razer'
disclosed a bug submitted by
b't3ngu'
b' Information disclosure at http://sea-s2s.molthailand.com/status.php'
11 Mar 2020
b'Razer'
disclosed a bug submitted by
b'nnez'
b'Leftover back-end system on www.zest.co.th allows an unauthorized attacker to generate Razer Gold Pin for free'
11 Mar 2020
b'Starbucks'
disclosed a bug submitted by
b'iampuky'
b'Korea - LFI via path traversal at https://msr.istarbucks.co.kr:6443/appif/'
10 Mar 2020
b'Shopify'
disclosed a bug submitted by
b'fisher'
b'H1514 Deanonymizing Exchange Marketplace private listings '
10 Mar 2020
b'Starbucks'
disclosed a bug submitted by
b'l00ph0le'
b'Hong Kong - Open Redirect on card.starbucks.com.hk'
10 Mar 2020
b'Mail.ru'
disclosed a bug submitted by
b'asdqwedev'
b'Blind SQL Injection on news.mail.ru'
10 Mar 2020
b'Mail.ru'
disclosed a bug submitted by
b'godofdarkness_msf'
b'Account takeover at geekbrains.ru'
10 Mar 2020
b'Mail.ru'
disclosed a bug submitted by
b'khalidhissen'
b'ssl cookkie without secure flag set'
10 Mar 2020
b'Mail.ru'
disclosed a bug submitted by
b'api_0'
b'[windows10.hi-tech.mail.ru] Blind SQL Injection '
10 Mar 2020
b'Mail.ru'
disclosed a bug submitted by
b'alexeysergeevich'
b'turboslim.lady.mail.ru - Blind sql-injection.'
10 Mar 2020
b'Mail.ru'
disclosed a bug submitted by
b'naategh'
b'vk.com profile page takeover on https://cabinet.am.ru/'
10 Mar 2020
b'Mail.ru'
disclosed a bug submitted by
b'linkks'
b' allods.mail.ru sql injection'
10 Mar 2020
1
...
315
316
317
318
319
...
732
BY DENIS WERNER - @NOBBD -
IMPRESSUM