Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'67 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'HackerOne' disclosed a bug submitted by b'reigertje' 
b'Private information exposed through GraphQL filters'
23 Jul 2019 timeline
b'Starbucks' disclosed a bug submitted by b'geek_jeremy' 
b'Blind SQLi leading to RCE, from Unauthenticated access to a test API Webservice'
22 Jul 2019 timeline
b'HackerOne' disclosed a bug submitted by b'dropper' 
b'Race Condition in Flag Submission'
22 Jul 2019 timeline
b'WordPress' disclosed a bug submitted by b'paragonie-scott' 
b'WordPress Automatic Update Protocol Does Not Authenticate Updates Provided by the Server'
22 Jul 2019 timeline
b'Nextcloud' disclosed a bug submitted by b'leonklingele' 
b'Arbitrary SQL command injection'
21 Jul 2019 timeline
b'Smule' disclosed a bug submitted by b'red_assassin' 
b'Web cache poisoning leads to disclosure of CSRF token and sensitive information'
21 Jul 2019 timeline
b'GitLab' disclosed a bug submitted by b'xanbanx' 
b'Milestones leaked via search API'
19 Jul 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'kassih' 
b'Cross-site Scripting (XSS) - Stored in ru.mail.mailapp'
19 Jul 2019 timeline
b'GitLab' disclosed a bug submitted by b'nyangawa' 
b'Persistent XSS in Note objects'
19 Jul 2019 timeline
b'WordPress' disclosed a bug submitted by b'mygf' 
b'Stored XSS Vulnerability'
18 Jul 2019 timeline
b'ExpressionEngine' disclosed a bug submitted by b'winst0n13' 
b'Open Redirect in comment section'
18 Jul 2019 timeline
b'Imgur' disclosed a bug submitted by b'rioncool22' 
b'BUG XSS IN "ADD IMAGES"'
18 Jul 2019 timeline
b'Maximum' disclosed a bug submitted by b'sicarius' 
b"Developper's websites are easily accessibles leading to massive information disclosure"
18 Jul 2019 timeline
b'Chainlink' disclosed a bug submitted by b'danangtriatmaja' 
b'No Valid SPF Records.'
18 Jul 2019 timeline
b'Semmle' disclosed a bug submitted by b'zealsham' 
b'Server side includes in https://lgtm-com.pentesting.semmle.net/internal_api/v0.2/savePublicInformation leads to 500 server error and D-DOS'
18 Jul 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'ruvlol' 
b'LRF on shared.mail.ru due to "markdown" plugin'
18 Jul 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'ruvlol' 
b'Open Selenoid instance at 188.93.63.186 leads to LFR/SSRF.'
18 Jul 2019 timeline
b'Uber' disclosed a bug submitted by b'eequalsmc2' 
b'Lack of proper paymentProfileUUID validation allows any number of free rides without any outstanding balance'
18 Jul 2019 timeline
b'Chainlink' disclosed a bug submitted by b'jaisharma' 
b'Testnet address being sent in cleartext as http://rinkeby.chain.link/ is missing SSL certificate'
17 Jul 2019 timeline
b'Vanilla' disclosed a bug submitted by b'klmunday' 
b'Stored XSS in Rich editor via Embed datetime'
17 Jul 2019 timeline
1 ... 403 404 405 406 407 ... 755
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM