REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Nextcloud'
disclosed a bug submitted by
b'ismailtsdln'
b'Information Exposure Through Directory Listing - https://apps.nextcloud.com/static/'
07 Jan 2019
b'CFP Time'
disclosed a bug submitted by
b'badcracker'
b'Error Page Content Spoofing or Text Injection'
07 Jan 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'cris_semmle'
b'Command Injection Vulnerability in kill-port Package'
06 Jan 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'skyn3t'
b'[buttle] Unsafe rendering of Markdown files'
06 Jan 2019
b'Liberapay'
disclosed a bug submitted by
b'gouveaheitor'
b'User Enumeration '
05 Jan 2019
b'HackerOne'
disclosed a bug submitted by
b'mga_bobo'
b"User login page doesn't implement any form of rate limiting"
04 Jan 2019
b'Inflection'
disclosed a bug submitted by
b'csanuragjain'
b'Malicious callback url can be set while creating application in identity'
03 Jan 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'shivasurya'
b'[static-resource-server] Path Traversal allows to read content of arbitrary file on the server'
03 Jan 2019
b'Smule'
disclosed a bug submitted by
b'fr_0_ank'
b'Disclosure of information about the system, configuration files.'
03 Jan 2019
b'HackerOne'
disclosed a bug submitted by
b'haxta4ok00'
b'Submitting report through Embedded Submission form gives user indefinite access to a profile'
03 Jan 2019
b'Khan Academy'
disclosed a bug submitted by
b'sameerphad72'
b'Creating Unlimited Fake Accounts.'
02 Jan 2019
b'HackerOne'
disclosed a bug submitted by
b'thefrog'
b'@wearehackerone.com is vulnerable to namespace attacks due to hackerone.com not being RFC2142 compliant.'
02 Jan 2019
b'RATELIMITED'
disclosed a bug submitted by
b'z0mb13'
b'Local File Download'
01 Jan 2019
b'VK.com'
disclosed a bug submitted by
b'shell_c0de'
b'???????? ????? WebView'
31 Dec 2018
b'RubyGems'
disclosed a bug submitted by
b'nmalkin'
b'Unpacker improperly validates symlinks, allowing gems writes to arbitrary locations'
31 Dec 2018
b'RATELIMITED'
disclosed a bug submitted by
b'wolfdroid'
b'Exposure of tinyMCE js source code with plugin version disclosure which can leads to exploit further attacks.'
29 Dec 2018
b'Infogram'
disclosed a bug submitted by
b'marataziat'
b'User account blocking by Internal Server error'
28 Dec 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'3la2kb'
b'[http-live-simulator] Path traversal vulnerability'
28 Dec 2018
b'Python Cryptographic Authority'
disclosed a bug submitted by
b'sniper302'
b'Reflected Xss bypass Content-Type: text/plain '
28 Dec 2018
b'Ruby on Rails'
disclosed a bug submitted by
b'rosa'
b"ActiveStorage service's signed URLs can be hijacked via AppCache+Cookie stuffing trick when using GCS or DiskService"
27 Dec 2018
1
...
372
373
374
375
376
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM