Top10 publishers:
bobrov114 
linkks74 
geeknik71 
sp1d3rs62 
jobert54 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 
zombiehelp5437 Twitter

the unofficial HackerOne disclosure timeline.

X
Shopify disclosed a bug submitted by juhhga 
Unauthenticated access to details of hidden products in any shop via title emuneration
23 Oct 2015 timeline
InVision disclosed a bug submitted by protector_47 
CSRF Token in cookies!
22 Oct 2015 timeline
Snapchat disclosed a bug submitted by protector_47 
Vulnerable to JavaScript injection. (WXS) (Javascript injection)!
22 Oct 2015 timeline
Shopify disclosed a bug submitted by dvl 
Paid account can review\download any invoice of any other shop
22 Oct 2015 timeline
Mail.Ru disclosed a bug submitted by bigbear_ 
[start.icq.com] Reflected XSS via Cookies
21 Oct 2015 timeline
Mail.Ru disclosed a bug submitted by bigbear_ 
[riot.mail.ru] Reflected XSS in debug-mode
21 Oct 2015 timeline
Shopify disclosed a bug submitted by reactors08 
www.shopify.com XSS on blog pages via sharing buttons
21 Oct 2015 timeline
HackerOne disclosed a bug submitted by rohan_x3 
Content spoofing on invitations page
21 Oct 2015 timeline
HackerOne disclosed a bug submitted by pranav_hivarekar Twitter
Privileged information of a private/sandboxed program is leaked in json response to an unauthorized user
21 Oct 2015 timeline
Shopify disclosed a bug submitted by pouya Twitter
Unauthorized access to all collections, products, pages from other stores
20 Oct 2015 timeline
Shopify disclosed a bug submitted by brakhane 
Arbitrary read on s3://shopify-delivery-app-storage/files
20 Oct 2015 timeline
Zopim disclosed a bug submitted by mdv 
Cross-site Scripting in all Zopim
20 Oct 2015 timeline
Automattic disclosed a bug submitted by blinkms 
XSS in WordPress
16 Oct 2015 timeline
Shopify disclosed a bug submitted by pulkit_pandey 
amazon aws s3 bucket content is public :- http://shopify.com.s3.amazonaws.com/
15 Oct 2015 timeline
Shopify disclosed a bug submitted by brakhane 
Arbitrary write on s3://shopify-delivery-app-storage/files
15 Oct 2015 timeline
PHP disclosed a bug submitted by sparaschoudis 
AddressSanitizer reports a global buffer overflow in mkgmtime() function
15 Oct 2015 timeline
PHP disclosed a bug submitted by sparaschoudis 
Integer overflow in unserialize() (32-bits only)
15 Oct 2015 timeline
Vimeo disclosed a bug submitted by satishb3 
A user can enhance their videos with paid tracks without buying the track
14 Oct 2015 timeline
Shopify disclosed a bug submitted by marhvhelous 
Privilege escalation vulnerability
14 Oct 2015 timeline
Shopify disclosed a bug submitted by pouya Twitter
change Login Services settings without owner access
14 Oct 2015 timeline
1 ... 353 354 355 356 357 ... 419
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM