REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b"Hanno's projects"
disclosed a bug submitted by
b'oreamnos'
b'SQL injection in Serendipity (serendipity_fetchComments)'
09 Nov 2018
b'Khan Academy'
disclosed a bug submitted by
b'rootbakar'
b'Possible Take Over Subdomain For Inbound Emails '
08 Nov 2018
b'Shopify'
disclosed a bug submitted by
b'h13-'
b'PII disclosure -- Past team members & their email ID(personal email) can be viewed by Staff member with no permissions on Partner Dashboard'
08 Nov 2018
b'Shopify'
disclosed a bug submitted by
b'rijalrojan'
b'Disclosure of Github Issues'
08 Nov 2018
b'HackerOne'
disclosed a bug submitted by
b'adac95'
b'Self DOM-Based XSS in www.hackerone.com'
08 Nov 2018
b'HackerOne'
disclosed a bug submitted by
b'tolo7010'
b"Disclosure of top 10 vulnerability types for programs that haven't enabled the Insights feature"
07 Nov 2018
b'HackerOne'
disclosed a bug submitted by
b'ateek'
b'Proper verification is not done before sending invitations to researchers for certain private programs with rules e.g. "Participants must be US-based"'
07 Nov 2018
b'Shopify'
disclosed a bug submitted by
b'dr_dragon'
b'Stored xss'
07 Nov 2018
b'DuckDuckGo'
disclosed a bug submitted by
b'smither'
b'DOM XSS on 50x.html page on proxy.duckduckgo.com'
07 Nov 2018
b'Shopify'
disclosed a bug submitted by
b'palant'
b'App messaging can be hijacked by third-party websites'
07 Nov 2018
b'Shopify'
disclosed a bug submitted by
b'palant'
b'Admin bar: Incomplete message origin validation results in XSS'
07 Nov 2018
b'Ubiquiti Networks'
disclosed a bug submitted by
b'hamlon'
b'UniFi Video Server - Broken access control on system configuration'
07 Nov 2018
b'Ubiquiti Networks'
disclosed a bug submitted by
b'hamlon'
b'UniFi Video Server - Arbitrary file upload as SYSTEM'
07 Nov 2018
b'TTS Bug Bounty'
disclosed a bug submitted by
b'cablej_dds'
b'Redirect on authorization allows account compromise'
06 Nov 2018
b'PayPal'
disclosed a bug submitted by
b'stefanofinding'
b'XSS [flow] - on www.paypal.com/paypalme/my/landing (requires user interaction)'
06 Nov 2018
b'Mail.Ru'
disclosed a bug submitted by
b'bobrov'
b'[info.tmgame.mail.ru] Apache Server Status'
06 Nov 2018
b'Mail.Ru'
disclosed a bug submitted by
b'bobrov'
b'[evo2.my.com] Internet Explorer XSS'
06 Nov 2018
b'Mail.Ru'
disclosed a bug submitted by
b'bobrov'
b'[lk-cdn.3igames.mail.ru] apc.php'
06 Nov 2018
b'Mail.Ru'
disclosed a bug submitted by
b'bobrov'
b'[new.wf.mail.ru] XSS Request-URI'
06 Nov 2018
b'Mail.Ru'
disclosed a bug submitted by
b'bobrov'
b'[beta.tracker.my.com] XSS Request-URI'
06 Nov 2018
1
...
381
382
383
384
385
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM