REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
83
b'linkks'
75
b'jobert'
70
b'nyymi'
62
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'50m-ctf'
disclosed a bug submitted by
b'abdilahrf_'
b'Writeup Hackerone 50M CTF'
08 Apr 2019
b'50m-ctf'
disclosed a bug submitted by
b'bitk'
b'Writeup '
08 Apr 2019
b'50m-ctf'
disclosed a bug submitted by
b'collinmay'
b'Various vulnerabilities ultimately lead to attacker control over FliteThermostat server and access to internal accounting application source code'
08 Apr 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'skyn3t'
b'[harp] File access even when they have been set to be ignored.'
06 Apr 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'skyn3t'
b'[harp] Unsafe rendering of Markdown files'
06 Apr 2019
b'Automattic'
disclosed a bug submitted by
b'yzy9951'
b'[FG-VD-19-022] Wordpress WooCommerce Cross-Site Scripting Vulnerability Notification'
06 Apr 2019
b'Vanilla'
disclosed a bug submitted by
b'foobar7'
b'FileUpload Plugin: CSRF (delete all attached files)'
06 Apr 2019
b'Vanilla'
disclosed a bug submitted by
b'foobar7'
b'Persistent XSS via Signatures'
06 Apr 2019
b'Vanilla'
disclosed a bug submitted by
b'foobar7'
b'jsConnect Plugin: Takeover of existing account'
06 Apr 2019
b'GitLab'
disclosed a bug submitted by
b'rpadovani'
b"Removing a user from a private group doesn't remove him from group's project, if his project's role was changed"
05 Apr 2019
b'HackerOne'
disclosed a bug submitted by
b'eremeev'
b'Invited team member can disclosure slack channels'
05 Apr 2019
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'cablej_dds'
b'??????? Site Exposes DD2648 forms'
05 Apr 2019
b'HackerOne'
disclosed a bug submitted by
b'kapytein'
b'Path traversal leading to limited CSRF on GET requests on two endpoints'
05 Apr 2019
b'GitLab'
disclosed a bug submitted by
b'edoverflow'
b"Claiming package names in GitLab's automatic package referencer."
05 Apr 2019
b'HackerOne'
disclosed a bug submitted by
b'fransrosen'
b'Client-Side Race Condition using Marketo, allows sending user to data-protocol in Safari when form without onSuccess is submitted on www.hackerone.com'
05 Apr 2019
b'Shopify'
disclosed a bug submitted by
b'jobert'
b'H1514 Shopify API ruby SDK session setup lacks input validation, resulting in SSRF and leakage of client secret'
05 Apr 2019
b'Unikrn'
disclosed a bug submitted by
b'v4lid0l'
b'bypass Claudflare access crm.mautic.com'
05 Apr 2019
b'Unikrn'
disclosed a bug submitted by
b'v4lid0l'
b'Path Disclosure Vulnerability http://crm.******.com'
05 Apr 2019
b'HackerOne'
disclosed a bug submitted by
b'jobert'
b'Corrupted Authorization header can cause logs not to be ingested properly in ????????'
04 Apr 2019
b'HackerOne'
disclosed a bug submitted by
b'm7mdharoun'
b'Deprecated Hacker101 coursework repository mentions Heroku App that is susceptible to takeover'
04 Apr 2019
1
...
406
407
408
409
410
...
738
BY DENIS WERNER - @NOBBD -
IMPRESSUM