REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
81
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
58
b'ooooooo_q'
52
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Rockstar Games'
disclosed a bug submitted by
b'adr'
b'Unquoted Service Path in "Rockstar Game Library Service"'
02 Dec 2019
b'ok.ru'
disclosed a bug submitted by
b'circuit'
b'???????? XSS ? ?????? ?????????? ????? ?????'
02 Dec 2019
b'HackerOne'
disclosed a bug submitted by
b'msdian7'
b'Disclosure of `payment_transactions` for programs via GraphQL query'
01 Dec 2019
b'Vanilla'
disclosed a bug submitted by
b'ronr'
b'Web cache deception attack on https://open.vanillaforums.com/messages/all'
01 Dec 2019
b'Automattic'
disclosed a bug submitted by
b'hodkasia_sachin'
b'[IDOR] Attacker user can Approve/Decline AFK on the behalf of other users'
01 Dec 2019
b'Genasys Technologies'
disclosed a bug submitted by
b'roottusk'
b'Login Bypass to OTP Enumeration'
28 Nov 2019
b'Lob'
disclosed a bug submitted by
b'painreigns'
b'HTTP Request Smuggling on vpn.lob.com'
27 Nov 2019
b'GitLab'
disclosed a bug submitted by
b'jobert'
b'Project Template functionality can be used to copy private project data, such as repository, confidential issues, snippets, and merge requests'
27 Nov 2019
b'WakaTime'
disclosed a bug submitted by
b'rashedhasan007'
b'previous token can be reused for verifying same email address '
27 Nov 2019
b'Nextcloud'
disclosed a bug submitted by
b'leonklingele'
b'Nextcloud domain and name of every user leaked to lookup server'
26 Nov 2019
b'QIWI'
disclosed a bug submitted by
b'pisarenko'
b'????????? ?????????????? ?????????? composer.lock docker-compose.yml '
26 Nov 2019
b'Mail.ru'
disclosed a bug submitted by
b'pss_xss'
b'Reflected XSS on https://go.mail.ru/search?fr=mn&q=<payload>'
25 Nov 2019
b'Mail.ru'
disclosed a bug submitted by
b'almaco'
b'XSS via message subject - mobile application'
25 Nov 2019
b'Kaspersky'
disclosed a bug submitted by
b'palant'
b'Chrome extension: Websites can uninstall browser extensions'
25 Nov 2019
b'Kaspersky'
disclosed a bug submitted by
b'palant'
b'Override links for certificate warnings and similar UI are predictable'
25 Nov 2019
b'Kaspersky'
disclosed a bug submitted by
b'palant'
b"Kaspersky Password Manager allows websites to access user's address data"
24 Nov 2019
b'Kaspersky'
disclosed a bug submitted by
b'palant'
b"[Firefox and Chrome browser integration] Websites can hijack Kaspersky's command interface"
24 Nov 2019
b'Kaspersky'
disclosed a bug submitted by
b'palant'
b"[No browser integration] Websites can hijack Kaspersky's command interface"
24 Nov 2019
b'Kaspersky'
disclosed a bug submitted by
b'palant'
b"[IE browser integration] Websites can hijack Kaspersky's command interface"
24 Nov 2019
b'Razer'
disclosed a bug submitted by
b'enesdexh1'
b'DOM XSS at https://www.thx.com in IE/Edge browser'
23 Nov 2019
1
...
342
343
344
345
346
...
732
BY DENIS WERNER - @NOBBD -
IMPRESSUM