REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Chaturbate'
disclosed a bug submitted by
b'encrypt'
b"Stats Token doesn't expire after deactivating account"
27 Sep 2018
b'Chaturbate'
disclosed a bug submitted by
b'encrypt'
b'CSRF in REPORT EMOTICON feature'
27 Sep 2018
b'Chaturbate'
disclosed a bug submitted by
b'encrypt'
b'Private and group tokens per minute endpoint active for disabled users'
27 Sep 2018
b'Nextcloud'
disclosed a bug submitted by
b'cyphar'
b'twofactor_auth bypassable if provider fails to load'
27 Sep 2018
b'Vanilla'
disclosed a bug submitted by
b'mr_r0w07'
b'Unsanitized input in email field'
27 Sep 2018
b'Rocket.Chat'
disclosed a bug submitted by
b'edoverflow'
b'Blind XSS in the rocket.chat registration email'
26 Sep 2018
b'Chaturbate'
disclosed a bug submitted by
b'kazan71p'
b'[chatws25.stream.highwebmedia.com] - Reflected XSS in c parameter'
26 Sep 2018
b'PortSwigger Web Security'
disclosed a bug submitted by
b'allenaleen'
b'Browser Self XSS Protection not implemented'
26 Sep 2018
b'Weblate'
disclosed a bug submitted by
b'c0narp'
b'no notification send to victim if attacker hacks/accesses his victims WebLate account.'
26 Sep 2018
b'Weblate'
disclosed a bug submitted by
b'hallaleen'
b'Browser Self XSS Protection not implemented'
26 Sep 2018
b'Weblate'
disclosed a bug submitted by
b'crazy_wonk'
b'Broken Authentication \xe2\x80\x93 Session Token bug'
26 Sep 2018
b'Nextcloud'
disclosed a bug submitted by
b'icewater'
b'Shared file link - password protection bypass under certain conditions'
25 Sep 2018
b'Ubiquiti Networks'
disclosed a bug submitted by
b'aidantwoods'
b'Reflected XSS'
25 Sep 2018
b'Nextcloud'
disclosed a bug submitted by
b'mohdhaji87'
b'Access control issue -- [Allow file system access not validated when using session auth]'
25 Sep 2018
b'Brave Software'
disclosed a bug submitted by
b'metnew'
b'`chrome://brave` available for navigation in Release build [-> RCE] + navigation to `chrome://*` using tab_helper ["Open in new tab"]'
25 Sep 2018
b'Brave Software'
disclosed a bug submitted by
b'metnew'
b'Local files reading from the web using `brave://`'
25 Sep 2018
b'Brave Software'
disclosed a bug submitted by
b'metnew'
b'Torrent extension: Cross-origin downloading + "URL spoofing" + CSP-blocked XSS'
24 Sep 2018
b'Brave Software'
disclosed a bug submitted by
b'metnew'
b'Navigation to `chrome-extension://` origin (internal pages) from the web'
24 Sep 2018
b'Brave Software'
disclosed a bug submitted by
b'metnew'
b'Unsafe handling of protocol handlers'
24 Sep 2018
b'Brave Software'
disclosed a bug submitted by
b'metnew'
b'Navigation to protocol handler URL from the opened page displayed as a request from this page.'
24 Sep 2018
1
...
390
391
392
393
394
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM