REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
84
b'linkks'
75
b'jobert'
70
b'nyymi'
64
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Ian Dunn'
disclosed a bug submitted by
b'foobar7'
b'XSSI: Quick Navigation Interface - leak of private page/post titles'
15 Feb 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'avi3719'
b'Reflected XSS in the npm module express-cart.'
15 Feb 2019
b'Zomato'
disclosed a bug submitted by
b'chiraggupta8769'
b'Open Redirect On Your Login Panel'
14 Feb 2019
b'MariaDB'
disclosed a bug submitted by
b's_p_q_r'
b'[downloads.mariadb.org] CRLF injection in case of encoded query mark'
14 Feb 2019
b'WordPress'
disclosed a bug submitted by
b'simonscannell'
b'Logic flaw in the Post creation process allows creating posts with arbitrary types without needing the corresponding nonce'
14 Feb 2019
b'Brave Software'
disclosed a bug submitted by
b'hackthedevil'
b'DMARC RECORD MISSING'
13 Feb 2019
b'Dovecot'
disclosed a bug submitted by
b'halfdog'
b'Username restriction bypass with SSL client authentication'
13 Feb 2019
b'Mail.ru'
disclosed a bug submitted by
b'kushal89shah'
b"[FG-VD-17-115] Mail.ru's Amigo Browser DLL Pre-Loading Vulnerability Notification"
12 Feb 2019
b'Twitter'
disclosed a bug submitted by
b'ameerpornillos'
b'Information Exposure Through Directory Listing vulnerability on 8 vcache**.usw2.snappytv.com websites'
11 Feb 2019
b'Twitter'
disclosed a bug submitted by
b'cris-staicu'
b'Tracking of users on third-party websites using the Twitter cookie, due to a flaw in authenticating image requests'
08 Feb 2019
b'Starbucks'
disclosed a bug submitted by
b'karthik87mit'
b'Password Change not notified when changed from settings'
08 Feb 2019
b'Starbucks'
disclosed a bug submitted by
b'apapedulimu'
b'Missing CSRF Token On Remove Coupun From Cart'
08 Feb 2019
b'GitLab'
disclosed a bug submitted by
b'urztruzchitrz'
b'Guests Will Disclose the Private Project Full Activity Via Project Activity Feeds'
08 Feb 2019
b'Uber'
disclosed a bug submitted by
b'appsecure_in'
b'Client secret, server tokens for developer applications returned by internal API'
08 Feb 2019
b'PayPal'
disclosed a bug submitted by
b'alexbirsan'
b'XSSI on refer.xoom.com allows stealing email addresses and posting to Twitter on behalf of victim'
07 Feb 2019
b'PayPal'
disclosed a bug submitted by
b'bagipro'
b'[Venmo Android] Remote theft of user session'
07 Feb 2019
b'PayPal'
disclosed a bug submitted by
b'bagipro'
b'[PayPal Android] Remote theft of user session using push_notification_webview deeplink'
07 Feb 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'skyn3t'
b'[serve] Access unlisted internal files/folders revealing sensitive information'
07 Feb 2019
b'Twitter'
disclosed a bug submitted by
b'bywalks'
b'[dev.twitter.com] XSS and Open Redirect Protection Bypass'
07 Feb 2019
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'archang31'
b'Information Disclosure (can access all Army HRC RFOs) within AIM view RFO Portal'
06 Feb 2019
1
...
417
418
419
420
421
...
742
BY DENIS WERNER - @NOBBD -
IMPRESSUM
