REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Nextcloud'
disclosed a bug submitted by
b'fancycode'
b'Uploading large avatar images cause excessive CPU usage'
27 Jun 2019
b'Nextcloud'
disclosed a bug submitted by
b'nickvergessen'
b'Private/confidential setting of calendar events is ignored on activity stream'
27 Jun 2019
b'Homebrew'
disclosed a bug submitted by
b'hi_ztz'
b'Homebrew privilege escalation vulnerability'
27 Jun 2019
b'HackerOne'
disclosed a bug submitted by
b'metnew'
b'Team member with Program permission only can escalate to Admin permission'
26 Jun 2019
b'OLX'
disclosed a bug submitted by
b'codeslayer137'
b'SQL Injection https://www.olx.co.id'
26 Jun 2019
b'Nextcloud'
disclosed a bug submitted by
b'mru1'
b' Predictable Random Number Generator'
26 Jun 2019
b'Nextcloud'
disclosed a bug submitted by
b'doragon'
b'Retrieval and alteration of exposed media on Android Oreo '
26 Jun 2019
b'Cuvva'
disclosed a bug submitted by
b'badcracker'
b'Unclaimed facebook page at www.cuvva.com/about'
25 Jun 2019
b'Upserve '
disclosed a bug submitted by
b'gamer7112'
b'DOM Based XSS via postMessage at https://inventory.upserve.com/login/'
25 Jun 2019
b'Mail.ru'
disclosed a bug submitted by
b's_p_q_r'
b'[e.mail.ru] XSS ? ??????'
25 Jun 2019
b'SEMrush'
disclosed a bug submitted by
b'fransrosen'
b'Remote Code Execution on www.semrush.com/my_reports on Logo upload'
24 Jun 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'toannc123'
b'[serve-here.js] List any file in the folder by using path traversal.'
24 Jun 2019
b'Tube8'
disclosed a bug submitted by
b'tony_tsep'
b'SSRF and local file disclosure by video upload on https://www.tube8.com/'
24 Jun 2019
b'YouPorn'
disclosed a bug submitted by
b'tony_tsep'
b'SSRF and local file disclosure by video upload on http://www.youporn.com/'
24 Jun 2019
b'Twitter'
disclosed a bug submitted by
b'seifelsallamy'
b'Verify any unused email address'
24 Jun 2019
b'Razer US'
disclosed a bug submitted by
b'lawway'
b'DLL Hijacking Vulnerability in synapse-2'
23 Jun 2019
b'Khan Academy'
disclosed a bug submitted by
b'dermeister'
b'Sensitive information/action is stored/done is done using a GET request'
23 Jun 2019
b'Automattic'
disclosed a bug submitted by
b'dermeister'
b'Broken Authentication - Security token gets captured via man in the middle attack'
22 Jun 2019
b'Automattic'
disclosed a bug submitted by
b'dermeister'
b'Captcha bypass for the most important function - At en.instagram-brand.com'
22 Jun 2019
b'Automattic'
disclosed a bug submitted by
b'dermeister'
b'Cross Domain leakage of sensitive information - Leading to Account Takeover at Instagram Brand'
22 Jun 2019
1
...
346
347
348
349
350
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM