REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Node.js third-party modules'
disclosed a bug submitted by
b'ginden'
b'Privilage escalation with malicious .npmrc'
30 Jun 2018
b'ok.ru'
disclosed a bug submitted by
b'lincoln9932'
b'????? ??????? XSS ? ?????? ?????????? m.ok.ru'
30 Jun 2018
b'VK.com'
disclosed a bug submitted by
b'shad0walk3rtn'
b'Open Redirection Vulnerability in m.vk.com'
29 Jun 2018
b'SEMrush'
disclosed a bug submitted by
b'asad_anwar'
b'Error Page Content Spoofing or Text Injection '
29 Jun 2018
b'Electroneum'
disclosed a bug submitted by
b'hackermanbob'
b'Hackerone [Mainsite Vulnerability]'
28 Jun 2018
b'Udemy'
disclosed a bug submitted by
b'kazan71p'
b'[engineering.udemy.com] - Subdomain Takeover (ghost.io)'
27 Jun 2018
b'HackerOne'
disclosed a bug submitted by
b'parth'
b'Hacktivity of a private program visible to banned user if he gets invited to a program by hackbot'
27 Jun 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'chalker'
b'`memjs` allocates and stores buffers on typed input, resulting in DoS and uninitialized memory usage'
27 Jun 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'n0n4me'
b'[buttle] Path traversal in mid-buttle module allows to read any file in the server.'
27 Jun 2018
b'HackerOne'
disclosed a bug submitted by
b'bigbug'
b'Invalid Phabricator API token revealed through error message when escalating a report'
27 Jun 2018
b'HackerOne'
disclosed a bug submitted by
b'ashish_r_padelkar'
b'User object in GraphQL exposes number of trial reports for External Programs that also have a Private Program'
27 Jun 2018
b'Twitter'
disclosed a bug submitted by
b'arjuniet'
b'Improper session handling on web browsers'
26 Jun 2018
b'HackerOne'
disclosed a bug submitted by
b'r3naissance'
b'People who interviewed for HackerOne security analyst position can be enumerated and their personal email address may be exposed'
25 Jun 2018
b'Starbucks'
disclosed a bug submitted by
b'0xpatrik'
b'Subdomain takeover on svcgatewayus.starbucks.com'
25 Jun 2018
b'VK.com'
disclosed a bug submitted by
b'pisarenko'
b'?????????? ???? ??????????? ???????? ??? ?????? ????????? ???? ??? ????? '
24 Jun 2018
b'Badoo'
disclosed a bug submitted by
b'isaeva'
b'?????????? ?????/??????? ?????????????'
24 Jun 2018
b'LocalTapiola'
disclosed a bug submitted by
b'billy_blaze'
b'User able to access company details in yrityspalvelu without proper permissions'
22 Jun 2018
b'Vanilla'
disclosed a bug submitted by
b'samux'
b'A user can comment in private discussions without having permission to access the discussion'
22 Jun 2018
b'LocalTapiola'
disclosed a bug submitted by
b'petruknisme'
b'F5 BIG-IP Cookie Remote Information Disclosure'
21 Jun 2018
b'Nextcloud'
disclosed a bug submitted by
b'mandark'
b'The session token in the URL'
19 Jun 2018
1
...
405
406
407
408
409
...
691
BY DENIS WERNER - @NOBBD -
IMPRESSUM