REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'GitLab'
disclosed a bug submitted by
b'lahataleputih'
b'Potensial SSRF via Git repository URL '
16 Jul 2018
b'GitLab'
disclosed a bug submitted by
b'phillycheeze'
b'Persistent XSS - Selecting users as allowed merge request approvers'
16 Jul 2018
b'GitLab'
disclosed a bug submitted by
b'phillycheeze'
b'XSS (Persistent) - Selecting role(s) for protected branches'
16 Jul 2018
b'Mail.Ru'
disclosed a bug submitted by
b'aietix'
b'Attacker can send requests from mail.ru server'
16 Jul 2018
b'ICQ'
disclosed a bug submitted by
b's3r3n3storm'
b'XSS at https://icq.com/people'
16 Jul 2018
b'Mail.Ru'
disclosed a bug submitted by
b'c37hun'
b'CSRF ?? biz.mail.ru'
16 Jul 2018
b'Ubiquiti Networks'
disclosed a bug submitted by
b'amans'
b'Two Factor Authentication Bypass'
16 Jul 2018
b'Mail.Ru'
disclosed a bug submitted by
b'webr0ck'
b'????? ???????? ?????????? Nginx ? ???? ????????'
16 Jul 2018
b'Node.js'
disclosed a bug submitted by
b'joy271'
b'Your page has 2 blocking CSS resources. This causes a delay in rendering your page.'
15 Jul 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'bl4de'
b'[statics-server] XSS via injected iframe in file name when statics-server displays directory index in the browser'
14 Jul 2018
b'Slack'
disclosed a bug submitted by
b'albatraoz'
b'Internal SSRF bypass using slash commands at api.slack.com'
12 Jul 2018
b'Passit'
disclosed a bug submitted by
b'retcyb'
b'Old sessions does not expire On changing password via https://app.passit.io/account/change-password '
12 Jul 2018
b'Nextcloud'
disclosed a bug submitted by
b'samix'
b'Accessing to download.nextcloud.com from original ip adreess | insecure Download'
12 Jul 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'bl4de'
b'[m-server] HTML Injection in filenames displayed as directory listing in the browser allows to embed iframe with malicious JavaScript code'
12 Jul 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'bl4de'
b'[m-server] Path Traversal allows to display content of arbitrary file(s) from the server'
12 Jul 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'patrickrbc'
b'Privilege escalation allows any user to add an administrator'
12 Jul 2018
b'Shopify'
disclosed a bug submitted by
b'bored-engineer'
b'[out-of-scope] toxiproxy: Lack of CSRF protection allows an attacker to gain access to internal Shopify network'
11 Jul 2018
b'OLX'
disclosed a bug submitted by
b'konduru-jashwanth'
b'Cross Site Scripting -> Reflected XSS'
11 Jul 2018
b'Brave Software'
disclosed a bug submitted by
b'skanthak'
b'Arbitrary local code execution via DLL hijacking from executable installer'
09 Jul 2018
b'Brave Software'
disclosed a bug submitted by
b'skanthak'
b'Download of (later executed) .NET installer over insecure channel'
09 Jul 2018
1
...
404
405
406
407
408
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM