REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
81
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
60
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Shopify'
disclosed a bug submitted by
b'rijalrojan'
b'H1514 Extract information about other sites (new sites) through Affiliate/Referral pages'
04 Nov 2019
b'Shopify'
disclosed a bug submitted by
b'bored-engineer'
b'H1514 DOM XSS on checkout.shopify.com via postMessage handler on /:id/sandbox/google_maps'
04 Nov 2019
b'Shopify'
disclosed a bug submitted by
b'teknogeek'
b'H1514 Ability to MiTM Shopify PoS Session to Takeover Communications'
04 Nov 2019
b'Shopify'
disclosed a bug submitted by
b'emitrani'
b'H1514 Get access to non public information by pivoting with graphql queries'
03 Nov 2019
b'OLX'
disclosed a bug submitted by
b'ameytakekar'
b'Reflected XSS on www.olx.co.id via ad_type parameter'
03 Nov 2019
b'OLX'
disclosed a bug submitted by
b'ameytakekar'
b'Reflected XSS on m.olx.co.id via ad_type parameter'
03 Nov 2019
b'PuTTY (European Commission - D'
disclosed a bug submitted by
b'geeknik'
b'puttygen: 160MB memory leak while trying to extract openssh public key from crafted key file'
03 Nov 2019
b'PuTTY (European Commission - D'
disclosed a bug submitted by
b'geeknik'
b'puttygen: heap-buffer-overflow in mp_get_decimal()'
03 Nov 2019
b'PuTTY (European Commission - D'
disclosed a bug submitted by
b'geeknik'
b'heap-use-after-free (READ of size 8) in main()'
03 Nov 2019
b'PuTTY (European Commission - D'
disclosed a bug submitted by
b'geeknik'
b" Assertion `len == 1' failed, process aborted while streaming ouput from remote server"
03 Nov 2019
b'PuTTY (European Commission - D'
disclosed a bug submitted by
b'geeknik'
b"Assertion `col >= 0 && col < line->cols' failed, process aborted while streaming ouput from remote server"
03 Nov 2019
b'WordPress'
disclosed a bug submitted by
b'geeknik'
b'plugins.trac.wordpress.org likely vulnerable to Cross Site Tracing (xst), TRACE HTTP method should be disabled'
03 Nov 2019
b'Dropbox'
disclosed a bug submitted by
b'geeknik'
b'avrecode: global-buffer-overflow in get_neighbor()'
03 Nov 2019
b'PHP (IBB)'
disclosed a bug submitted by
b'fms'
b'wddx_deserialize use-after-free'
03 Nov 2019
b'New Relic'
disclosed a bug submitted by
b'dangkhai'
b'[Bypass] Code injection to open redirect in https://insights.newrelic.com/accounts/2521182/dashboards/1026927'
02 Nov 2019
b'New Relic'
disclosed a bug submitted by
b'specialagent'
b'The impossibility of inclusion of the trial (BROWSER)'
02 Nov 2019
b'Shopify'
disclosed a bug submitted by
b'cablej'
b'H1514 Stored XSS on Wholesale sales channel allows cross-organization data leakage'
01 Nov 2019
b'SEMrush'
disclosed a bug submitted by
b'dangkhai'
b'Code injection in https://www.semrush.com'
01 Nov 2019
b'curl'
disclosed a bug submitted by
b'b2x2r'
b'Active Mixed Content over HTTPS'
01 Nov 2019
b'curl'
disclosed a bug submitted by
b'b2x2r'
b'Insecure Frame (External)'
01 Nov 2019
1
...
355
356
357
358
359
...
733
BY DENIS WERNER - @NOBBD -
IMPRESSUM