REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Twitter'
disclosed a bug submitted by
b'protostar0'
b'login csrf in analytics.mopub.com'
02 Oct 2019
b'Twitter'
disclosed a bug submitted by
b'updatelap'
b'Reports Modal in app.mopub.com Disclose by any user'
02 Oct 2019
b'GitLab'
disclosed a bug submitted by
b'petee'
b'Privilege escalation due to insecure use of logrotate'
01 Oct 2019
b'TTS Bug Bounty'
disclosed a bug submitted by
b'manshum12'
b'Stealing Users OAuth Tokens through redirect_uri parameter'
01 Oct 2019
b'Maker Ecosystem Growth Holding'
disclosed a bug submitted by
b'lucash-dev'
b'Steal ALL collateral during liquidation by exploiting lack of validation in `flip.kick`'
01 Oct 2019
b'TomTom'
disclosed a bug submitted by
b'sbakhour'
b'Anonymous user login to Nexus Repository Manager '
01 Oct 2019
b'ZEIT'
disclosed a bug submitted by
b'sbakhour'
b'Stored XSS on Zeit.co user profile'
01 Oct 2019
b'GitLab'
disclosed a bug submitted by
b'abdilahrf_'
b'Clientside resource Exhausting by exploiting gitlab math rendering '
01 Oct 2019
b'GitLab'
disclosed a bug submitted by
b'xanbanx'
b'Bypassing push rules via MRs created by Email'
01 Oct 2019
b'GitLab'
disclosed a bug submitted by
b'xanbanx'
b'Last pipeline status for MR leaked '
01 Oct 2019
b'pixiv'
disclosed a bug submitted by
b'katsuragicsl'
b'Open redirect protection (https://www.pixiv.net/jump.php) is broken for novels'
01 Oct 2019
b'Starbucks'
disclosed a bug submitted by
b'bobrov'
b'[mena.starbucks.com] Laravel App Log & Configuration Disclosure.'
30 Sep 2019
b'Starbucks'
disclosed a bug submitted by
b'k3mlol'
b'Starbucks China Android app cloud storage service leaks a credential.'
30 Sep 2019
b'OpenSSL (IBB)'
disclosed a bug submitted by
b'jorandirkgreef'
b'ChaCha20-Poly1305 with long nonces'
30 Sep 2019
b'HackerOne'
disclosed a bug submitted by
b'japz'
b'Manipulate hacker profile and private program hacktivity to expose your name as researchers who is actively submitting reports with resolve status'
29 Sep 2019
b'Mail.ru'
disclosed a bug submitted by
b'taraszelyk'
b'Avatar upload allows arbitrary file overwriting'
28 Sep 2019
b'Mail.ru'
disclosed a bug submitted by
b'elmahdi'
b'Blind SSRF [ Sentry Misconfiguraton ]'
27 Sep 2019
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'root_pwn'
b'Criticals Stored (XSS) at - 7TH AIR FORCE'
27 Sep 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'3la2kb'
b'Application level denial of service due to shutting down the server '
27 Sep 2019
b'Twitter'
disclosed a bug submitted by
b'antisocial_eng'
b'Ability to perform actions (Tweet, Retweet, DM) and other actions, unauthenticated, on any account with SMS enabled.'
26 Sep 2019
1
...
325
326
327
328
329
...
691
BY DENIS WERNER - @NOBBD -
IMPRESSUM