Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'83 
b'linkks'75 
b'jobert'70 
b'nyymi'62 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'NordVPN' disclosed a bug submitted by b'zaitunoil' 
b'Past payments using the Direct Debit method keep subscriptions active even if payments fail'
21 Feb 2020 timeline
b'NordVPN' disclosed a bug submitted by b'hassancypher' 
b'Host header injection/redirection | signup and login page'
21 Feb 2020 timeline
b'NordVPN' disclosed a bug submitted by b'shardulb_23' 
b'CORS Misconfiguration on nordvpn.com leading to Private Information Disclosure,Account takeover'
21 Feb 2020 timeline
b'RATELIMITED' disclosed a bug submitted by b'miguel_santareno' 
b'Cross Site Request Forgery in auth in https://auth.ratelimited.me/'
21 Feb 2020 timeline
b'NordVPN' disclosed a bug submitted by b'x54xc3' 
b'nordvpn Linux Desktop executable application does not use pie / no ASLR'
21 Feb 2020 timeline
b'HackerOne' disclosed a bug submitted by b'msdian7' 
b'Email address of any user can be queried on Report Invitation GraphQL type when username is known'
20 Feb 2020 timeline
b'Open-Xchange' disclosed a bug submitted by b'zhutyra' 
b'SSRF - Image Sources in HTML Snippets - 727234 bypass'
20 Feb 2020 timeline
b'Open-Xchange' disclosed a bug submitted by b'zhutyra' 
b'Unchecked URL in attachment datasource'
20 Feb 2020 timeline
b'Open-Xchange' disclosed a bug submitted by b'zhutyra' 
b'SSRF - URL Attachments - 725307 bypass'
20 Feb 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'mayankraheja069' 
b'Email Spoofing'
20 Feb 2020 timeline
b'Valve' disclosed a bug submitted by b'xpaw' 
b'GetGlobalAchievementPercentagesForApp is missing the same release checks as GetSchemaForGame'
19 Feb 2020 timeline
b'WakaTime' disclosed a bug submitted by b'phhitachi' 
b'Broken Authentication and session management OWASP A2'
19 Feb 2020 timeline
b'Stripo Inc' disclosed a bug submitted by b'pain45' 
b'SSRF & unrestricted file upload on https://my.stripo.email/'
19 Feb 2020 timeline
b'Valve' disclosed a bug submitted by b'hackerontwowheels' 
b'Steam chat - trade offer presentation vulnerability'
19 Feb 2020 timeline
b'Razer' disclosed a bug submitted by b'fpatrik' 
b'Reflected XSS in eform.molpay.com'
18 Feb 2020 timeline
b'Razer' disclosed a bug submitted by b'0xpegg' 
b'Admin Management - Login Using Default Password - Leads to Image Upload Backdoor/Shell'
18 Feb 2020 timeline
b'Razer' disclosed a bug submitted by b'iamsahana' 
b'Payment PIN Verification Bypass'
18 Feb 2020 timeline
b'Razer' disclosed a bug submitted by b'corraldev' 
b'[pay.gold.razer.com] Stored XSS - Order payment'
18 Feb 2020 timeline
b'Maker Ecosystem Growth Holding' disclosed a bug submitted by b'h4x0rm4n' 
b'DoS of https://blog.makerdao.com/ via CVE-2018-6389'
18 Feb 2020 timeline
b'Maker Ecosystem Growth Holding' disclosed a bug submitted by b'h4x0rm4n' 
b'xmlrpc.php FILE IS enable it will used for Bruteforce attack '
18 Feb 2020 timeline
1 ... 328 329 330 331 332 ... 738
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM