Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'58 
b'ooooooo_q'52 
b'haxta4ok00'49 
b'jon_bottarini'49 

the unofficial HackerOne disclosure timeline.

X
b'Node.js third-party modules' disclosed a bug submitted by b'shivasurya' 
b'[static-resource-server] Path Traversal allows to read content of arbitrary file on the server'
03 Jan 2019 timeline
b'Smule' disclosed a bug submitted by b'fr_0_ank' 
b'Disclosure of information about the system, configuration files.'
03 Jan 2019 timeline
b'HackerOne' disclosed a bug submitted by b'haxta4ok00' 
b'Submitting report through Embedded Submission form gives user indefinite access to a profile'
03 Jan 2019 timeline
b'Khan Academy' disclosed a bug submitted by b'sameerphad72' 
b'Creating Unlimited Fake Accounts.'
02 Jan 2019 timeline
b'HackerOne' disclosed a bug submitted by b'thefrog' 
b'@wearehackerone.com is vulnerable to namespace attacks due to hackerone.com not being RFC2142 compliant.'
02 Jan 2019 timeline
b'RATELIMITED' disclosed a bug submitted by b'z0mb13' 
b'Local File Download'
01 Jan 2019 timeline
b'VK.com' disclosed a bug submitted by b'shell_c0de' 
b'???????? ????? WebView'
31 Dec 2018 timeline
b'RubyGems' disclosed a bug submitted by b'nmalkin' 
b'Unpacker improperly validates symlinks, allowing gems writes to arbitrary locations'
31 Dec 2018 timeline
b'RATELIMITED' disclosed a bug submitted by b'wolfdroid' 
b'Exposure of tinyMCE js source code with plugin version disclosure which can leads to exploit further attacks.'
29 Dec 2018 timeline
b'Infogram' disclosed a bug submitted by b'marataziat' 
b'User account blocking by Internal Server error'
28 Dec 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'3la2kb' 
b'[http-live-simulator] Path traversal vulnerability'
28 Dec 2018 timeline
b'Python Cryptographic Authority' disclosed a bug submitted by b'sniper302' 
b'Reflected Xss bypass Content-Type: text/plain '
28 Dec 2018 timeline
b'Ruby on Rails' disclosed a bug submitted by b'rosa' 
b"ActiveStorage service's signed URLs can be hijacked via AppCache+Cookie stuffing trick when using GCS or DiskService"
27 Dec 2018 timeline
b'Mail.ru' disclosed a bug submitted by b'm00hdi' 
b'Open Redirect In passport.maps.me/logout/?next=//fb.com/'
27 Dec 2018 timeline
b'HackerOne' disclosed a bug submitted by b'b258ea62bf297b02afa9854' 
b'Information disclosure'
27 Dec 2018 timeline
b'HackerOne' disclosed a bug submitted by b'b258ea62bf297b02afa9854' 
b'Timing attack towards endpoints on the web without CSRF '
27 Dec 2018 timeline
b'HackerOne' disclosed a bug submitted by b'cablej' 
b'Race condition in performing retest allows duplicated payments'
27 Dec 2018 timeline
b'HackerOne' disclosed a bug submitted by b'3thic4l' 
b'A user can request a report to be retested even though the program has not been verified by HackerOne'
27 Dec 2018 timeline
b'FormAssembly' disclosed a bug submitted by b'stfloresca' 
b'xmlrpc.php file is enable it will used for (DOS) and bruteforce attack'
27 Dec 2018 timeline
b'OLX' disclosed a bug submitted by b'hdbreaker' 
b'blog.praca.olx.pl database credentials exposure'
26 Dec 2018 timeline
1 ... 409 410 411 412 413 ... 729
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM