REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Rocket.Chat'
disclosed a bug submitted by
b'mattaustin'
b'Remote Code Execution in Rocket.Chat Desktop'
18 Sep 2018
b'Brave Software'
disclosed a bug submitted by
b'masatokinugawa'
b'Sending arbitrary IPC messages via overriding Function.prototype.apply'
18 Sep 2018
b'Brave Software'
disclosed a bug submitted by
b'masatokinugawa'
b'Sending arbitrary IPC messages via overriding Array.prototype.push'
18 Sep 2018
b'Brave Software'
disclosed a bug submitted by
b'masatokinugawa'
b'Brave Browser unexpectedly allows to send arbitrary IPC messages'
18 Sep 2018
b'Shopify'
disclosed a bug submitted by
b'rms'
b'From full-access account to Account Owner'
18 Sep 2018
b'BOHEMIA INTERACTIVE a.s.'
disclosed a bug submitted by
b'hack2684'
b'Weak Password Policy on Signup at https://accounts.bistudio.com/auth'
18 Sep 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'lirantal'
b'http-live-simulator npm module is prone to path traversal attacks'
18 Sep 2018
b'Dropbox'
disclosed a bug submitted by
b'phwd'
b'Dropbox employee benefits documents are available in a test Dropbox folder'
17 Sep 2018
b'New Relic'
disclosed a bug submitted by
b'hackerone77-222'
b'DNS misconfiguration on email.alerts.newrelic.com'
17 Sep 2018
b'BOHEMIA INTERACTIVE a.s.'
disclosed a bug submitted by
b'meals'
b'IDOR to view User Order Information'
17 Sep 2018
b'BOHEMIA INTERACTIVE a.s.'
disclosed a bug submitted by
b'meals'
b'217.147.95.145 NFS Exposed with Zeus Server configs'
17 Sep 2018
b'Zomato'
disclosed a bug submitted by
b'akhil-reni'
b'[www.zomato.com] Tampering with Order Quantity and paying less amount then actual amount, leads to business loss'
17 Sep 2018
b'Uber'
disclosed a bug submitted by
b'mefkan'
b'Reflected XSS on Partners Subdomain'
16 Sep 2018
b'Greenhouse.io'
disclosed a bug submitted by
b'irvinlim'
b'Cache poisoning using NULL bytes and long URLs'
16 Sep 2018
b'Greenhouse.io'
disclosed a bug submitted by
b'irvinlim'
b'Bypass of request line length limit to DoS via cache poisoning'
16 Sep 2018
b'BOHEMIA INTERACTIVE a.s.'
disclosed a bug submitted by
b'ethancruize'
b'Stealing Users OAUTH Tokens via redirect_uri '
14 Sep 2018
b'Dropbox'
disclosed a bug submitted by
b'todayisnew'
b'Exposed Git Repo at http://fileserver.dropboxbusiness.com'
14 Sep 2018
b'Shipt'
disclosed a bug submitted by
b's3cur3'
b'Any user can completely delete their own account without authorization and/or going through any kind of membership cancellation protocol.'
12 Sep 2018
b'OV-chipkaart'
disclosed a bug submitted by
b'bandjes'
b'Personal data of all Dutch public transport cards ("OV-Chipkaart") accessible'
11 Sep 2018
b'HubSpot'
disclosed a bug submitted by
b'm7mdharoun'
b'Reflected XSS and Server Side Template Injection in all HubSpot CMSes'
11 Sep 2018
1
...
393
394
395
396
397
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM