REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
81
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
60
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Node.js'
disclosed a bug submitted by
b'alyssawilk'
b'HTTP header values do not have trailing OWS trimmed'
24 Feb 2020
b'NordVPN'
disclosed a bug submitted by
b'alishah'
b'No Rate Limit On Forgot Password Page Of affiliates.nordvpn.com'
24 Feb 2020
b'NordVPN'
disclosed a bug submitted by
b'mase289'
b'Blind SSRF on debug.nordvpn.com due to misconfigured sentry instance'
24 Feb 2020
b'NordVPN'
disclosed a bug submitted by
b'enixium'
b'Password Reset Link Works Multiple Times'
24 Feb 2020
b'ForeScout Technologies'
disclosed a bug submitted by
b'a_constant'
b'HTML Injection & Content Spoofing'
24 Feb 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'kelotex'
b'Several simple remote code execution in pdf-image'
24 Feb 2020
b'Valve'
disclosed a bug submitted by
b'splatt581'
b'Malformed save files (.sav) allow to write files with arbitrary extensions and content in GoldSrc-based games.'
24 Feb 2020
b'Topcoder'
disclosed a bug submitted by
b'0x496'
b'Cross Site Scripting via CVE-2018-5230 on https://apps.topcoder.com'
24 Feb 2020
b'NordVPN'
disclosed a bug submitted by
b'martinbydefault'
b'Connection informaton is sent to a third-party service'
23 Feb 2020
b'Stellar.org'
disclosed a bug submitted by
b'suvrat7'
b'Bypassing Verify Humans Page'
23 Feb 2020
b'Stellar.org'
disclosed a bug submitted by
b'ramakanthk35'
b'Direct URL access to PDF files'
23 Feb 2020
b'Stellar.org'
disclosed a bug submitted by
b'vyshnav_nk'
b'xss'
23 Feb 2020
b'Stellar.org'
disclosed a bug submitted by
b'abo-jehad'
b'brute force attack allowed on admin page https://www.stellar.org/wp-admin/'
23 Feb 2020
b'Stellar.org'
disclosed a bug submitted by
b'hach3ro'
b'Admin panel of https://www.stellar.org/wp-admin/'
23 Feb 2020
b'Maximum'
disclosed a bug submitted by
b'zeop'
b'x-request-id header reflected in server response without sanitization'
22 Feb 2020
b'Automattic'
disclosed a bug submitted by
b'hacki3boy'
b'Modify account details by exploiting clickjacking vulnerability on refer.wordpress.com'
22 Feb 2020
b'Twitter'
disclosed a bug submitted by
b'kunal94'
b'Periscope android app deeplink leads to CSRF in follow action'
21 Feb 2020
b'Twitter'
disclosed a bug submitted by
b'nyuszika7h'
b'iOS app crashed by specially crafted direct message reactions'
21 Feb 2020
b'Twitter'
disclosed a bug submitted by
b'lorenznickel'
b"Twitter Source Label allow 'mongolian vowel separator' U+180E (app name)"
21 Feb 2020
b'Twitter'
disclosed a bug submitted by
b'jubabaghdad'
b'Reflected XSS in twitterflightschool.com'
21 Feb 2020
1
...
322
323
324
325
326
...
733
BY DENIS WERNER - @NOBBD -
IMPRESSUM