REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
81
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
60
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'HackerOne'
disclosed a bug submitted by
b'metnew'
b'Team member with Program permission only can escalate to Admin permission'
26 Jun 2019
b'OLX'
disclosed a bug submitted by
b'codeslayer137'
b'SQL Injection https://www.olx.co.id'
26 Jun 2019
b'Nextcloud'
disclosed a bug submitted by
b'mru1'
b' Predictable Random Number Generator'
26 Jun 2019
b'Nextcloud'
disclosed a bug submitted by
b'doragon'
b'Retrieval and alteration of exposed media on Android Oreo '
26 Jun 2019
b'Cuvva'
disclosed a bug submitted by
b'badcracker'
b'Unclaimed facebook page at www.cuvva.com/about'
25 Jun 2019
b'Upserve '
disclosed a bug submitted by
b'gamer7112'
b'DOM Based XSS via postMessage at https://inventory.upserve.com/login/'
25 Jun 2019
b'Mail.ru'
disclosed a bug submitted by
b's_p_q_r'
b'[e.mail.ru] XSS ? ??????'
25 Jun 2019
b'SEMrush'
disclosed a bug submitted by
b'fransrosen'
b'Remote Code Execution on www.semrush.com/my_reports on Logo upload'
24 Jun 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'toannc123'
b'[serve-here.js] List any file in the folder by using path traversal.'
24 Jun 2019
b'Tube8'
disclosed a bug submitted by
b'tony_tsep'
b'SSRF and local file disclosure by video upload on https://www.tube8.com/'
24 Jun 2019
b'YouPorn'
disclosed a bug submitted by
b'tony_tsep'
b'SSRF and local file disclosure by video upload on http://www.youporn.com/'
24 Jun 2019
b'Twitter'
disclosed a bug submitted by
b'seifelsallamy'
b'Verify any unused email address'
24 Jun 2019
b'Razer US'
disclosed a bug submitted by
b'lawway'
b'DLL Hijacking Vulnerability in synapse-2'
23 Jun 2019
b'Khan Academy'
disclosed a bug submitted by
b'dermeister'
b'Sensitive information/action is stored/done is done using a GET request'
23 Jun 2019
b'Automattic'
disclosed a bug submitted by
b'dermeister'
b'Broken Authentication - Security token gets captured via man in the middle attack'
22 Jun 2019
b'Automattic'
disclosed a bug submitted by
b'dermeister'
b'Captcha bypass for the most important function - At en.instagram-brand.com'
22 Jun 2019
b'Automattic'
disclosed a bug submitted by
b'dermeister'
b'Cross Domain leakage of sensitive information - Leading to Account Takeover at Instagram Brand'
22 Jun 2019
b'Automattic'
disclosed a bug submitted by
b'dermeister'
b'Authentication Bypass - Chaining two vulnerabilities leads to account takeover at en.instagram-brand.com'
22 Jun 2019
b'Trint Ltd'
disclosed a bug submitted by
b'dhakalananda'
b'IDOR in changing shared file name'
22 Jun 2019
b'Slack'
disclosed a bug submitted by
b'freem0'
b'Information leakage and default open port'
22 Jun 2019
1
...
387
388
389
390
391
...
733
BY DENIS WERNER - @NOBBD -
IMPRESSUM