REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
58
b'ooooooo_q'
52
b'haxta4ok00'
49
b'jon_bottarini'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'HackerOne'
disclosed a bug submitted by
b'hillybot__'
b"any user could upload attachments to pentest scoping form they don't have access to"
15 May 2024
b'HackerOne'
disclosed a bug submitted by
b'hacktus'
b'LLM01: Invisible Prompt Injection'
13 May 2024
b'HackerOne'
disclosed a bug submitted by
b'darkc0d3'
b'Possible PII Disclosure via Advanced Vetting Process - '
13 May 2024
b'HackerOne'
disclosed a bug submitted by
b'lu3ky-13'
b'Cloud Computer Hackerone Triager can be Accessible for everyone [h1_analyst_lucas+view@wearehackerone.com] computer'
10 May 2024
b'X (Formerly Twitter)'
disclosed a bug submitted by
b'th0h0'
b'Cross-Domain Leakage of X Username / UserID due to Dynamically Generated JS File'
10 May 2024
b'X (Formerly Twitter)'
disclosed a bug submitted by
b'mirhat'
b'Ability to see hidden likes'
10 May 2024
b'HackerOne'
disclosed a bug submitted by
b'sarthakbhingare015'
b'Confirmed #2118458: Intentional redirect from www.hackerone.com to domain which is up for sale'
09 May 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'guido'
b'CVE-2019-1551: rsaz_512_sqr overflow bug on x86_64'
09 May 2024
b'Tools for Humanity'
disclosed a bug submitted by
b'aghayeone'
b'IDOR - Leaking of team data (name, email, ID, member ID) via POST /api/v1/graphql `FetchMemberships` operation'
09 May 2024
b'Teleport'
disclosed a bug submitted by
b'mr_asg'
b'A member with editor permissions can create an access list that cannot be modified, viewed, or deleted'
08 May 2024
b'Mattermost'
disclosed a bug submitted by
b'ramsakal7582'
b"Member role which doesn't have permission to send message can send by executing channel commands"
08 May 2024
b'Shipt'
disclosed a bug submitted by
b'doomerhunter'
b"Improper Access Control + Financial fraud allows attacker to disclose + add arbitrary products to another's user's order "
08 May 2024
b'curl'
disclosed a bug submitted by
b'z3r0yu'
b'Incorrect Type Conversion in interpreting IPv4-mapped IPv6 addresses and below `curl` results in indeterminate SSRF vulnerabilities.'
08 May 2024
b'IBM'
disclosed a bug submitted by
b'redyetihacks'
b'XSS in Aspera documentation website'
06 May 2024
b'Liberapay'
disclosed a bug submitted by
b'mrrobot2050'
b'Unsafe yaml load can lead to remote code execution'
04 May 2024
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'maskedpersian'
b'Reflected XSS via Keycloak on [CVE-2021-20323]'
03 May 2024
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'maskedpersian'
b'reflected xss [CVE-2020-3580]'
03 May 2024
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'neg0x'
b'Reflected Cross-site Scripting via search query on '
03 May 2024
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'kurogai'
b'Reflected XSS on error message on Login Page'
03 May 2024
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'maskedpersian'
b'Reflected XSS via Moodle on [CVE-2022-35653]'
03 May 2024
1
...
34
35
36
37
38
...
729
BY DENIS WERNER - @NOBBD -
IMPRESSUM
