REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
83
b'linkks'
75
b'jobert'
70
b'nyymi'
62
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Blueboard'
disclosed a bug submitted by
b'0_0eth0'
b'Leak of Internel IP, Browser, Browser version, OS, & Much more through Selenium Grid Console'
12 Feb 2020
b'Endless Hosting'
disclosed a bug submitted by
b'codermak'
b'Modify Host Header which is sent to email'
12 Feb 2020
b'Endless Hosting'
disclosed a bug submitted by
b'gr3yc4t26'
b'CVE-2017-8779 exploit on open rpcbind port could lead to remote DoS'
12 Feb 2020
b'Yelp'
disclosed a bug submitted by
b'md15ev'
b'No rate limiting for confirmation email lead to email flooding'
11 Feb 2020
b'Starbucks'
disclosed a bug submitted by
b'nnez'
b'Thailand - Insecure Direct Object Reference permits an unauthorized user to transfer funds from a victim using only the victims Starbucks card'
11 Feb 2020
b'HackerOne'
disclosed a bug submitted by
b'haxta4ok00'
b'Unauthorized user can obtain `report_sources` attribute through Team GraphQL object'
10 Feb 2020
b'VLC (European Commission - DIG'
disclosed a bug submitted by
b'qrayn'
b'VLC 4.0.0 - Stack Buffer Overflow (SEH)'
10 Feb 2020
b'Localize'
disclosed a bug submitted by
b'zerboa'
b'2-factor authentication can be disabled when logged in without confirming account password'
10 Feb 2020
b'Stripo Inc'
disclosed a bug submitted by
b'qotoz'
b'csrf bypass using flash file + 307 redirect method at plugins endpoint'
10 Feb 2020
b'Stripo Inc'
disclosed a bug submitted by
b'anais'
b'Able to download any hosted content on AWS S3 bucket(stripo)'
10 Feb 2020
b'Nextcloud'
disclosed a bug submitted by
b'whitehattushu'
b'No session logout after changing password & alsoandroid sessions not shown in sessions list so they can be deleted'
09 Feb 2020
b'NordVPN'
disclosed a bug submitted by
b'th3pr0xyb0y'
b'No Rate Limit On Forgot Password Page Of NordVPN'
08 Feb 2020
b'TTS Bug Bounty'
disclosed a bug submitted by
b'johnh4x0r'
b'Content injection via URL parameter.'
08 Feb 2020
b'Twitter'
disclosed a bug submitted by
b'jayesh25'
b'Bypass Password Authentication for updating email and phone number - Security Vulnerability'
08 Feb 2020
b'Infogram'
disclosed a bug submitted by
b'4m4n'
b'Bypass to report #280389 [Thinking The issue is not fixed Yet]'
07 Feb 2020
b'Redtube'
disclosed a bug submitted by
b'johndoe1492'
b'Blind XSS in redtube administering site my.reflected.net'
07 Feb 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'ermilov'
b'[script-manager] Unintended require'
07 Feb 2020
b'Node.js third-party modules'
disclosed a bug submitted by
b'ermilov'
b'[jsreport] Remote Code Execution'
07 Feb 2020
b'Localize'
disclosed a bug submitted by
b'harr2'
b'The password limit is not set, [DoS].'
06 Feb 2020
b'Localize'
disclosed a bug submitted by
b'moodiabdoul3'
b'Stored XSS in Name of Team Member Invitation'
06 Feb 2020
1
...
330
331
332
333
334
...
738
BY DENIS WERNER - @NOBBD -
IMPRESSUM