REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
56
b'ooooooo_q'
50
b'jon_bottarini'
49
b'haxta4ok00'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Nextcloud'
disclosed a bug submitted by
b'rullzer'
b'OAuth2 client_secret stored in plain text in the database'
15 Nov 2023
b'Cloudflare Public Bug Bounty'
disclosed a bug submitted by
b'suzuka'
b'Yet Another CASB Integration Takeover of Active Integrations'
13 Nov 2023
b'Internet Bug Bounty'
disclosed a bug submitted by
b'balis0ng'
b'CVE-2023-42663: Apache Airflow: Bypass permission verification to view task instances of other dags'
13 Nov 2023
b'Mozilla Core Services'
disclosed a bug submitted by
b'mikey96'
b'Subdomain takeover on one of the subdomain under mozgcp.net'
12 Nov 2023
b'Mozilla Core Services'
disclosed a bug submitted by
b'd0xing'
b'Subdomain takeover on one of the subdomain under mozgcp.net'
12 Nov 2023
b'Mozilla Core Services'
disclosed a bug submitted by
b'd0xing'
b'Subdomain takeover on one of the subdomain under mozgcp.net'
12 Nov 2023
b'Nextcloud'
disclosed a bug submitted by
b'nickvergessen'
b'Password of talk conversations can be bruteforced'
12 Nov 2023
b'Nextcloud'
disclosed a bug submitted by
b'nickvergessen'
b'Memcached used as RateLimiter backend is no-op'
12 Nov 2023
b'Daimler Truck'
disclosed a bug submitted by
b'1smael0liveira'
b'CSRF + XSS REFLECT'
10 Nov 2023
b'Cloudflare Public Bug Bounty'
disclosed a bug submitted by
b'hacker_t_dog'
b'Bypass R2 payment screen'
10 Nov 2023
b'Cloudflare Public Bug Bounty'
disclosed a bug submitted by
b'aliend89'
b'YAML schema injection risk in Swagger UI via schema_url parameter at developers.cloudflare.com'
10 Nov 2023
b'ownCloud'
disclosed a bug submitted by
b'pascal_geuter'
b'Cross-Site Request Forgery '
05 Nov 2023
b'HackerOne'
disclosed a bug submitted by
b'bebiks'
b'Google Docs link in JS files allows editing & reading survey information'
04 Nov 2023
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'sufatmawati'
b'[] Information disclosure due unauthenticated access to APIs and system browser functions'
03 Nov 2023
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'mrr0b0t2324'
b'User automatically logged in as Sys Admin user on https:///Administration/Administration.aspx'
03 Nov 2023
b'FetLife'
disclosed a bug submitted by
b'deepblue29'
b'fetlife.com/signup_step_profile expose access_token of mapbox.com'
01 Nov 2023
b'TikTok'
disclosed a bug submitted by
b'serverinspector'
b'CRLF injection leads to internal XSS on PangleGlobal'
31 Oct 2023
b'PortSwigger Web Security'
disclosed a bug submitted by
b'rexifylo'
b'Title: Deceptive Manipulation of HTTP to HTTPS with VPN in Burp Suite'
31 Oct 2023
b'8x8 Bounty'
disclosed a bug submitted by
b'pentestor'
b'Stored xss at https://.8x8.com/api//ID'
30 Oct 2023
b'phpBB'
disclosed a bug submitted by
b'shin24'
b'Authenticated path traversal to Stored XSS and Denial-of-Service'
29 Oct 2023
1
...
39
40
41
42
43
...
717
BY DENIS WERNER - @NOBBD -
IMPRESSUM
