REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Node.js third-party modules'
disclosed a bug submitted by
b'bl4de'
b'[statics-server] Path Traversal due to lack of provided path sanitization'
03 Apr 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'danny_grander'
b'Regular Expression Denial of Service (ReDoS)'
03 Apr 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'tiblu'
b'Remote code executio in NPM package getcookies'
03 Apr 2019
b'Rockstar Games'
disclosed a bug submitted by
b'jtjisgod'
b'Open redirect vulnerability'
03 Apr 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'cris_semmle'
b'Code Injection Vulnerability in dot Package'
03 Apr 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'asgerf'
b'Prototype pollution attack through jQuery $.extend'
02 Apr 2019
b'Mail.ru'
disclosed a bug submitted by
b'ruvlol'
b'XXE on pulse.mail.ru'
02 Apr 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'verichains'
b'[typeorm] SQL Injection'
02 Apr 2019
b'Twitter'
disclosed a bug submitted by
b'giddsec'
b'Multiple XSS on account settings that can hijack any users in the company. '
01 Apr 2019
b'Twitter'
disclosed a bug submitted by
b'giddsec'
b'Stored XSS on reports.'
01 Apr 2019
b'Ruby'
disclosed a bug submitted by
b'ooooooo_q'
b'Command injection in Pathname'
01 Apr 2019
b'PortSwigger Web Security'
disclosed a bug submitted by
b'freetom'
b'DLL Hijacking in Burp Suite Pro 2.0.19 Installer'
01 Apr 2019
b'Ubiquiti Networks'
disclosed a bug submitted by
b'fr33rh'
b'Login as root without password on EdgeSwitchX'
31 Mar 2019
b'Ubiquiti Networks'
disclosed a bug submitted by
b'fr33rh'
b'Privilege-0 to Root Privilege Escalation on EdgeSwitch'
31 Mar 2019
b'Ubiquiti Networks'
disclosed a bug submitted by
b'fr33rh'
b'EdgeSwitch Command Injection'
31 Mar 2019
b'Lob'
disclosed a bug submitted by
b'jaykpatel'
b'Blind SSRF/XSPA on dashboard.lob.com + blind code injection'
28 Mar 2019
b'JamieWeb'
disclosed a bug submitted by
b'mik317'
b'Security headers missed on https://acme-validation.jamieweb.net/'
28 Mar 2019
b'Augur'
disclosed a bug submitted by
b'the_arch_angel'
b'Open s3 bucket allows for public upload'
26 Mar 2019
b'Ping Identity'
disclosed a bug submitted by
b'ziot'
b'Server-Side Request Forgery on SAML Application - Import via URL'
26 Mar 2019
b'Ping Identity'
disclosed a bug submitted by
b'rijalrojan'
b'SaaS admin can modify/delete/get user information.'
26 Mar 2019
1
...
362
363
364
365
366
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM