Top10 publishers:
bobrov114 
linkks75 
geeknik72 
sp1d3rs63 
jobert57 
netfuzzer47 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 

the unofficial HackerOne disclosure timeline.

X
Pornhub disclosed a bug submitted by zephrfish Twitter
HTTP Track/Trace Method Enabled
17 Aug 2016 timeline
OLX disclosed a bug submitted by palashjhabak 
Unauthorised access to olx.in user accounts.
17 Aug 2016 timeline
HackerOne disclosed a bug submitted by saeedhashem 
Ability to monitor reports' submission in real time
17 Aug 2016 timeline
Nextcloud disclosed a bug submitted by fransrosen 
Response Header injection using redirect_uri together with PHP that utilizes Header Folding according to RFC1945 and Internet Explorer 11
17 Aug 2016 timeline
OLX disclosed a bug submitted by niemand 
SQLi in Payment Request
16 Aug 2016 timeline
Pornhub disclosed a bug submitted by agarri_fr 
libav (used during conversion of uploaded videos) is vulnerable to SSRF attacks
15 Aug 2016 timeline
Uber disclosed a bug submitted by severus 
[IODR] Get business trip via organization id
15 Aug 2016 timeline
Uber disclosed a bug submitted by issam_rabhi 
Missing authorization checks leading to the exposure of ubernihao.com administrator accounts
15 Aug 2016 timeline
Uber disclosed a bug submitted by parth Twitter
[CRITICAL] -- Complete Account Takeover
15 Aug 2016 timeline
Slack disclosed a bug submitted by d0znpp 
Source code leakage through GIT web access at host '52.91.137.42'
15 Aug 2016 timeline
Dovecot disclosed a bug submitted by koolacac 
Outdated Apache Server in www.dovecot.fi is vulnerable to various attack.
15 Aug 2016 timeline
OLX disclosed a bug submitted by thezawad Twitter
Manipulating joinolx.com Job Vacancy alert subscription emails (HTML Injection / Script Injection)
15 Aug 2016 timeline
Gratipay disclosed a bug submitted by kuskumar 
csrf_token cookie don't have the flag "HttpOnly"
14 Aug 2016 timeline
Zomato disclosed a bug submitted by spam404 
XSS on zomato.com
14 Aug 2016 timeline
Gratipay disclosed a bug submitted by mmyamin 
bring grtp.co up to A grade on SSLLabs
13 Aug 2016 timeline
Instacart disclosed a bug submitted by introvertmac 
CSRF with redeem coupon request
13 Aug 2016 timeline
Veris disclosed a bug submitted by ak1t4 
Internal server error 500 at log.veris.in
13 Aug 2016 timeline
New Relic disclosed a bug submitted by praseudo Twitter
Login CSRF vulnerability
12 Aug 2016 timeline
New Relic disclosed a bug submitted by rahul_ch 
All Active user sessions should be destroyed when user change his password!
12 Aug 2016 timeline
concrete5 disclosed a bug submitted by khalidamin511 
CSRF Full Account Takeover
12 Aug 2016 timeline
1 ... 331 332 333 334 335 ... 448
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM