REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Coalition, Inc.'
disclosed a bug submitted by
b'startedfromthebottom'
b'No authentication on email address for password reset functionality/ https://platform.thecoalition.com/forgot-password'
03 May 2018
b'Unikrn'
disclosed a bug submitted by
b'tolo7010'
b'Rate-limit protection get executed in the last stage of the registration process, allowing enumeration of existing account.'
03 May 2018
b'New Relic'
disclosed a bug submitted by
b'jon_bottarini'
b'[NR Infrastructure] Bypass of #200576 through GraphQL query abuse - allows restricted user access to root account license key'
02 May 2018
b'New Relic'
disclosed a bug submitted by
b'jon_bottarini'
b'Manipulation of submit payment request allows me to obtain Infrastructure Pro/Other Services for free or at greatly reduced price'
02 May 2018
b'New Relic'
disclosed a bug submitted by
b'kunal_bahl'
b'Newrelic s3 bucket is writeable and deleteable by authorized AWS users'
02 May 2018
b'New Relic'
disclosed a bug submitted by
b'ho_nc'
b'Broken Authentication and session management OWASP A2'
02 May 2018
b'New Relic'
disclosed a bug submitted by
b'japz'
b'Hyperlink Injection on adding active users'
02 May 2018
b'New Relic'
disclosed a bug submitted by
b'mr_sharma_'
b'XSS (Reflected)'
02 May 2018
b'New Relic'
disclosed a bug submitted by
b'jon_bottarini'
b'NR Internal_API call allows me to read the events/violations/policies/messages of ANY New Relic account (AND pull data from infrastructure)'
02 May 2018
b'Greenhouse.io'
disclosed a bug submitted by
b'irvinlim'
b'DoS through cache poisoning using invalid HTTP parameters'
02 May 2018
b'Shopify'
disclosed a bug submitted by
b'richardf'
b'Potential to abuse pricing errors in saved carts'
02 May 2018
b'Vend'
disclosed a bug submitted by
b'al88nsk'
b'Improper access control on adding a Register to an Outlet'
02 May 2018
b'Shopify'
disclosed a bug submitted by
b'rijalrojan'
b'Replace other user files in Inbox messages '
01 May 2018
b'New Relic'
disclosed a bug submitted by
b'jon_bottarini'
b'Bypass of my three other reports #267636 + #255894 + #271861 - (IDOR) Ability to see full name associated with other New Relic accounts'
01 May 2018
b'Rockstar Games'
disclosed a bug submitted by
b'europa'
b'Client-side Template Injection in Search, user email/token leak and maybe sandbox escape'
01 May 2018
b'Ruby'
disclosed a bug submitted by
b'mrtc0'
b"Invalid URL parsing '#'"
01 May 2018
b'Dropbox'
disclosed a bug submitted by
b'oaidjoaisdjoaisjdioasfsdhfuios'
b'User Impersonation - Create Support Ticket With Any Registered Account Email'
01 May 2018
b'GitLab'
disclosed a bug submitted by
b'wuqidashi'
b'SSRF vulnerability in gitlab.com webhook'
30 Apr 2018
b'Informatica'
disclosed a bug submitted by
b'strukt'
b'XXE at Informatica sub-domain'
30 Apr 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'chalker'
b'`superstatic` is vulnerable to path traversal on Windows'
29 Apr 2018
1
...
417
418
419
420
421
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM