Top10 publishers:
bobrov114 
linkks75 
geeknik72 
sp1d3rs63 
jobert57 
netfuzzer47 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 

the unofficial HackerOne disclosure timeline.

X
Uber disclosed a bug submitted by ddworken 
Changing Driver Passwords With Only an Authenticated Session (no password, no email)
13 Jun 2016 timeline
Uber disclosed a bug submitted by ddworken 
Uploading Plain Text to uber-documents.s3.amazonaws.com Through the Driver Document Upload Page
13 Jun 2016 timeline
Uber disclosed a bug submitted by anish2good Twitter
Uber password reset link EMAIL FLOOD
13 Jun 2016 timeline
Uber disclosed a bug submitted by mini 
Privilege escalation to allow non activated users to login and use uber partner ios app
13 Jun 2016 timeline
Uber disclosed a bug submitted by r0t Twitter
Possibility to brute force invite codes in riders.uber.com
13 Jun 2016 timeline
Uber disclosed a bug submitted by patrik 
Stored Cross Site Scripting [SELF] in partners.uber.com
13 Jun 2016 timeline
Uber disclosed a bug submitted by blueberryinfosec 
Create account in uber without signup form
13 Jun 2016 timeline
Uber disclosed a bug submitted by xss001 
Self-XSS Vulnerability on Password Reset Form
13 Jun 2016 timeline
Uber disclosed a bug submitted by rohk 
Active Email Hyperlink Sent on riders.uber.com
13 Jun 2016 timeline
drchrono disclosed a bug submitted by sasi2103 Twitter
XML Parser Bug: XXE over which leads to RCE
13 Jun 2016 timeline
drchrono disclosed a bug submitted by mugeesahmed 
XSS in Blog
13 Jun 2016 timeline
drchrono disclosed a bug submitted by ahsantahirat 
Ngnix Server version disclosure
13 Jun 2016 timeline
drchrono disclosed a bug submitted by muzammilabbaskayani 
Bypassing Password Reset
13 Jun 2016 timeline
drchrono disclosed a bug submitted by ullger 
Bypass password complexity requirements on passsword reset page
13 Jun 2016 timeline
drchrono disclosed a bug submitted by bashlogic 
node.drchrono.com - Information Disclosure and Windows Host Exposed
13 Jun 2016 timeline
drchrono disclosed a bug submitted by yaworsk Twitter
Stored XSS via AngularJS Injection
13 Jun 2016 timeline
New Relic disclosed a bug submitted by shailesh4594 
Open redirection bypass
13 Jun 2016 timeline
Moneybird disclosed a bug submitted by hackheaven123 
Stored XSS in Financial Account executing in Bank tab
13 Jun 2016 timeline
New Relic disclosed a bug submitted by vikinghoarder 
rpm.newrelic.com - monitor creation to other accounts
13 Jun 2016 timeline
Moneybird disclosed a bug submitted by hackheaven 
Malicious File Upload
13 Jun 2016 timeline
1 ... 349 350 351 352 353 ... 448
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM