REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'HackerOne'
disclosed a bug submitted by
b'rohitdua'
b'Missing rate limit on critical user actions e.g. reset password, change email, disable account.'
11 Apr 2019
b'HackerOne'
disclosed a bug submitted by
b'whhackersbr'
b'HackerOne Integrations Design Issue'
11 Apr 2019
b'VK.com'
disclosed a bug submitted by
b'norver'
b'??????????? ??????? ???????? VK API ? ?????????? ??????'
11 Apr 2019
b'RubyGems'
disclosed a bug submitted by
b'ooooooo_q'
b'Delete directory using symlink when decompressing tar'
11 Apr 2019
b'Slack'
disclosed a bug submitted by
b'rubaljain'
b'Real Time Error Logs Through Debug Information'
11 Apr 2019
b'HackerOne'
disclosed a bug submitted by
b'rohitdua'
b'Lack of length validation on user address attribute'
11 Apr 2019
b'HackerOne'
disclosed a bug submitted by
b'haxta4ok00'
b'Repeated mediation requests and multiple emails possible on a report.'
11 Apr 2019
b'Shopify'
disclosed a bug submitted by
b'fransrosen'
b'H1514 Simple phishing using auto-created modal with weak URL-pattern check in incontext_app_link'
10 Apr 2019
b'HackerOne'
disclosed a bug submitted by
b'corb3nik'
b'Verbose PHP error messages exposed on a blog article'
10 Apr 2019
b'Starbucks'
disclosed a bug submitted by
b'13ern'
b'Stored XSS on www.starbucks.com.sg/careers/career-center/career-landing-*'
10 Apr 2019
b'Shopify'
disclosed a bug submitted by
b'cablej'
b'H1514 Wholesale customer without checkout permission can complete purchases'
10 Apr 2019
b'Twitter'
disclosed a bug submitted by
b'filedescriptor'
b'Insufficient OAuth callback validation which leads to Periscope account takeover'
10 Apr 2019
b'Starbucks'
disclosed a bug submitted by
b'spaceraccoon'
b'RCE and Complete Server Takeover of http://www.?????.starbucks.com.sg/'
10 Apr 2019
b'HackerOne'
disclosed a bug submitted by
b'kirils'
b'Hogging up all the resources on hackerone.com'
10 Apr 2019
b'GitLab'
disclosed a bug submitted by
b'ngalog'
b'Bypass of GitLab CI runner slash fix in YAML validation'
10 Apr 2019
b'HackerOne'
disclosed a bug submitted by
b'flashdisk'
b'Emails of invited collaborators are disclosed in full in payload for report participants'
09 Apr 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'skyn3t'
b'[harp] Path traversal using symlink'
09 Apr 2019
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'cablej_dds'
b'Access to all ????????? files, including CAC authentication bypass'
08 Apr 2019
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'cablej_dds'
b'??? exposes sensitive shipment information to public web'
08 Apr 2019
b'50m-ctf'
disclosed a bug submitted by
b'manoelt'
b'$50 million CTF Writeup'
08 Apr 2019
1
...
359
360
361
362
363
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM