Top10 publishers:
b'bobrov'117 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'sp1d3rs'68 
b'someonenobbd'62 
b'nyymi'55 
b'jon_bottarini'49 
b'haxta4ok00'48 
b'netfuzzer'48 

the unofficial HackerOne disclosure timeline.

X
b'Nextcloud' disclosed a bug submitted by b'ismailtsdln' 
b'Information Exposure Through Directory Listing - https://apps.nextcloud.com/static/'
07 Jan 2019 timeline
b'CFP Time' disclosed a bug submitted by b'badcracker' 
b'Error Page Content Spoofing or Text Injection'
07 Jan 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'cris_semmle' 
b'Command Injection Vulnerability in kill-port Package'
06 Jan 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'skyn3t' 
b'[buttle] Unsafe rendering of Markdown files'
06 Jan 2019 timeline
b'Liberapay' disclosed a bug submitted by b'gouveaheitor' 
b'User Enumeration '
05 Jan 2019 timeline
b'HackerOne' disclosed a bug submitted by b'mga_bobo' 
b"User login page doesn't implement any form of rate limiting"
04 Jan 2019 timeline
b'Inflection' disclosed a bug submitted by b'csanuragjain' 
b'Malicious callback url can be set while creating application in identity'
03 Jan 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'shivasurya' 
b'[static-resource-server] Path Traversal allows to read content of arbitrary file on the server'
03 Jan 2019 timeline
b'Smule' disclosed a bug submitted by b'fr_0_ank' 
b'Disclosure of information about the system, configuration files.'
03 Jan 2019 timeline
b'HackerOne' disclosed a bug submitted by b'haxta4ok00' 
b'Submitting report through Embedded Submission form gives user indefinite access to a profile'
03 Jan 2019 timeline
b'Khan Academy' disclosed a bug submitted by b'sameerphad72' 
b'Creating Unlimited Fake Accounts.'
02 Jan 2019 timeline
b'HackerOne' disclosed a bug submitted by b'thefrog' 
b'@wearehackerone.com is vulnerable to namespace attacks due to hackerone.com not being RFC2142 compliant.'
02 Jan 2019 timeline
b'RATELIMITED' disclosed a bug submitted by b'z0mb13' 
b'Local File Download'
01 Jan 2019 timeline
b'VK.com' disclosed a bug submitted by b'shell_c0de' 
b'???????? ????? WebView'
31 Dec 2018 timeline
b'RubyGems' disclosed a bug submitted by b'nmalkin' 
b'Unpacker improperly validates symlinks, allowing gems writes to arbitrary locations'
31 Dec 2018 timeline
b'RATELIMITED' disclosed a bug submitted by b'wolfdroid' 
b'Exposure of tinyMCE js source code with plugin version disclosure which can leads to exploit further attacks.'
29 Dec 2018 timeline
b'Infogram' disclosed a bug submitted by b'marataziat' 
b'User account blocking by Internal Server error'
28 Dec 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'3la2kb' 
b'[http-live-simulator] Path traversal vulnerability'
28 Dec 2018 timeline
b'Python Cryptographic Authority' disclosed a bug submitted by b'sniper302' 
b'Reflected Xss bypass Content-Type: text/plain '
28 Dec 2018 timeline
b'Ruby on Rails' disclosed a bug submitted by b'rosa' 
b"ActiveStorage service's signed URLs can be hijacked via AppCache+Cookie stuffing trick when using GCS or DiskService"
27 Dec 2018 timeline
1 ... 372 373 374 375 376 ... 692
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM