Top10 publishers:
bobrov114 
linkks75 
geeknik72 
sp1d3rs63 
jobert57 
netfuzzer47 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 

the unofficial HackerOne disclosure timeline.

X
Anghami disclosed a bug submitted by egyxos Twitter
[CRITICAL] Login To Any Account Linked With Google+ With Email Only
02 Oct 2015 timeline
Hired disclosed a bug submitted by mohammedalsaggaf 
URGENT - Subdomain Takeover on be.hired.com. due to unclaimed domain pointing to Heroku.com
01 Oct 2015 timeline
Phabricator disclosed a bug submitted by superkritisch 
Multiple so called 'type juggling' attacks. Most notably PhabricatorUser::validateCSRFToken() is 'bypassable' in certain cases.
01 Oct 2015 timeline
Zaption disclosed a bug submitted by psychomantis Twitter
CSV Excel Macro Injection in Export Response
01 Oct 2015 timeline
Hired disclosed a bug submitted by yujitounai 
Stored XSS in Company Name
30 Sep 2015 timeline
Shopify disclosed a bug submitted by acid_creative 
Passwords Returned in Later Responses.
30 Sep 2015 timeline
Shopify disclosed a bug submitted by prakharprasad Twitter
Prevent Shop Admin From Seeing his Installed Apps / Install Persistent Unremovable App
29 Sep 2015 timeline
PHP disclosed a bug submitted by libnex 
Null pointer dereference in phar_get_fp_offset()
29 Sep 2015 timeline
PHP disclosed a bug submitted by haquaman 
Uninitialized pointer in phar_make_dirstream
29 Sep 2015 timeline
Vimeo disclosed a bug submitted by vijay_kumar1110 Twitter
Share your channel to any user on vimeo without following him
28 Sep 2015 timeline
ownCloud disclosed a bug submitted by bigbear_ 
[s3.owncloud.com] Web Server HTTP Trace/Track Method Support
28 Sep 2015 timeline
ownCloud disclosed a bug submitted by ashish_padelkar 
No email verification during registration
28 Sep 2015 timeline
QIWI disclosed a bug submitted by pradeepch99 
Session Cookie without HttpOnly and secure flag set
27 Sep 2015 timeline
Python disclosed a bug submitted by hugbounter 
Integer overflow in _Unpickler_Read
26 Sep 2015 timeline
Udemy disclosed a bug submitted by decay 
Extremely high Course rating values could be set in order to make really high Average rating of the course. Negative values could be set to.
25 Sep 2015 timeline
HackerOne disclosed a bug submitted by ericr 
Minor Bug: Public un-compiled CSS with original sass, versioning, source map, comments, etc.
25 Sep 2015 timeline
Shopify disclosed a bug submitted by dvl 
Notification request disclose private information about other myshopify accounts
24 Sep 2015 timeline
Gratipay disclosed a bug submitted by ashesh 
DKIM records not present, Email Hijacking is possible
23 Sep 2015 timeline
HackerOne disclosed a bug submitted by appsec3 
CSV Injection with the CVS export feature
21 Sep 2015 timeline
Twitter disclosed a bug submitted by isox 
POODLE Bug: 199.16.156.44, 199.16.156.108, mx4.twitter.com
20 Sep 2015 timeline
1 ... 383 384 385 386 387 ... 447
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM