REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'RATELIMITED'
disclosed a bug submitted by
b'hach3ro'
b'HTTP PUT method enabled'
11 Dec 2018
b'HackerOne'
disclosed a bug submitted by
b'haxta4ok00'
b'Inline banner on Report page discloses whether organization runs a private program'
11 Dec 2018
b'RubyGems'
disclosed a bug submitted by
b'plover'
b'DNS SRV lookup of file:// sources enables local hijacking of gems'
11 Dec 2018
b'RATELIMITED'
disclosed a bug submitted by
b'emitrani'
b'HTTP PUT method enabled'
11 Dec 2018
b'Twitter'
disclosed a bug submitted by
b'nahoragg'
b'CORS misconfig | Account Takeover'
10 Dec 2018
b'RubyGems'
disclosed a bug submitted by
b'mrunal'
b'Cross-Domain JavaScript Source File Inclusion '
10 Dec 2018
b'QIWI'
disclosed a bug submitted by
b'igorpyan'
b'??????????? ??????????? ?? ????? qiwi.com ?? ????? ????? ????????'
10 Dec 2018
b'MariaDB'
disclosed a bug submitted by
b'c0rv4x'
b'Github wiki is editable by anyone'
10 Dec 2018
b'RubyGems'
disclosed a bug submitted by
b'claudijd'
b'Request Hijacking Vulnerability in RubyGems 2.6.13 and earlier'
08 Dec 2018
b'RubyGems'
disclosed a bug submitted by
b'ooooooo_q'
b'65534 times efficient, Brute-force attack for api_key'
08 Dec 2018
b'OLX'
disclosed a bug submitted by
b'secpentester1337'
b'XSS Reflected at SEARCH >>'
08 Dec 2018
b'Khan Academy'
disclosed a bug submitted by
b'sarmadkhan'
b'Cross site scripting (content-sniffing)'
08 Dec 2018
b'Nextcloud'
disclosed a bug submitted by
b'c0rv4x'
b'Github wikis are editable by anyone '
07 Dec 2018
b'Phabricator'
disclosed a bug submitted by
b'insufficiententropy'
b'TOTP Key is shorter than RFC 4226 recommended minimum'
07 Dec 2018
b'SEMrush'
disclosed a bug submitted by
b'jimgogogo'
b"Stored XSS in '' Section and WAF Bypass"
07 Dec 2018
b'SEMrush'
disclosed a bug submitted by
b'ankit_singh'
b'Open Redirect'
07 Dec 2018
b'Twitter'
disclosed a bug submitted by
b'csanuragjain'
b'Global defaming of any twitter user'
06 Dec 2018
b'Shopify'
disclosed a bug submitted by
b'vijay_kumar1110'
b'Read access to hidden orders,products,customers etc. by limited access Staff member through reference page in Comments (Information disclosure )'
06 Dec 2018
b'Avito'
disclosed a bug submitted by
b'lincoln9932'
b'reflected XSS avito.ru'
06 Dec 2018
b'Discourse'
disclosed a bug submitted by
b'avinash_'
b'Account takeover at https://try.discourse.org due to no CSRF protection in connecting Yahoo account'
06 Dec 2018
1
...
375
376
377
378
379
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM