REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
83
b'linkks'
75
b'jobert'
70
b'nyymi'
62
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Visma Bug Bounty Program'
disclosed a bug submitted by
b'muon4'
b'SSRF in img export'
26 Mar 2020
b'Visma Bug Bounty Program'
disclosed a bug submitted by
b'muon4'
b'Stored XSS when uploading files to an invoice'
26 Mar 2020
b'Valve'
disclosed a bug submitted by
b'kohtep2010'
b'Malformed BSP in GoldSrc Engine may cause shellcode injection'
25 Mar 2020
b'Valve'
disclosed a bug submitted by
b'kohtep2010'
b'Vulnerability in GoldSource Engine allows to upload and run an arbitrary DLL on client'
25 Mar 2020
b'Valve'
disclosed a bug submitted by
b'hunterstanton'
b'Malformed NAV file leads to buffer overflow and code execution in Left4Dead2.exe'
25 Mar 2020
b'Qulture.Rocks'
disclosed a bug submitted by
b'pain45'
b'Privilege escalation from member user ( editor ) to admin user'
25 Mar 2020
b'Twitter'
disclosed a bug submitted by
b'naategh'
b'Reset password without knowing current password'
25 Mar 2020
b'Vanilla'
disclosed a bug submitted by
b'mindingdata'
b'XSS For Profile Name'
25 Mar 2020
b'Vanilla'
disclosed a bug submitted by
b'mindingdata'
b'Conversation API Leaks Details Of UnAuthorized Conversations'
25 Mar 2020
b'Visma Bug Bounty Program'
disclosed a bug submitted by
b'base_64'
b'[IDOR]Ability to Pause & Resume the Invoice of other users If GUID is known.'
25 Mar 2020
b'Visma Bug Bounty Program'
disclosed a bug submitted by
b'base_64'
b'[IDOR]Ability to View/Delete/Edit (Forward to attachment archive) Email of other user if GUID is known.'
25 Mar 2020
b'Stripo Inc'
disclosed a bug submitted by
b'pain45'
b'XSRF Token is Not being validated when sending emails test request which lead to CSRF attack using the flash file + 307 redirect technique'
25 Mar 2020
b'GitLab'
disclosed a bug submitted by
b'shaileshpratapwar'
b'Email notification about login email changed is not received when using verified linked email address'
25 Mar 2020
b'Open-Xchange'
disclosed a bug submitted by
b'zhutyra'
b'SSRF - Office Documents - Image URL'
25 Mar 2020
b'Stripo Inc'
disclosed a bug submitted by
b'pain45'
b'Strored Xss on https://my.stripo.email/ ( multiple inputs)'
25 Mar 2020
b'LINE'
disclosed a bug submitted by
b'hahwul'
b'SSRF on music.line.me through getXML.php'
25 Mar 2020
b'LINE'
disclosed a bug submitted by
b'zophi'
b'DOM-based XSS on mobile.line.me'
25 Mar 2020
b'LINE'
disclosed a bug submitted by
b'ngalog'
b'Able to Become Admin for Any LINE Official Account'
25 Mar 2020
b'HackerOne'
disclosed a bug submitted by
b'red_assassin'
b'profile-picture name parameter with large value lead to DoS for other users and programs on the platform'
25 Mar 2020
b'Evernote'
disclosed a bug submitted by
b'ajdumanhug'
b'One Click Code Execution via File'
24 Mar 2020
1
...
318
319
320
321
322
...
738
BY DENIS WERNER - @NOBBD -
IMPRESSUM