the unofficial HackerOne disclosure timeline.

X
b'Starbucks' disclosed a bug submitted by b'd3417_' 
b'Blind SQL Injection on starbucks.com.gt and WAF Bypass :*'
19 Jun 2019 timeline
b'Collibra' disclosed a bug submitted by b'freem0' 
b'Access to the database on onboarding.collibra.com'
19 Jun 2019 timeline
b'ZEIT' disclosed a bug submitted by b'kaunghtetzaw' 
b'Open redirect vuln on login'
18 Jun 2019 timeline
b'Shopify' disclosed a bug submitted by b'h13-' 
b'STAFF member with NO Explicit permissions can view `ActivityFeed` via GraphQL'
18 Jun 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'verichains' 
b'[untitled-model] sql injection'
18 Jun 2019 timeline
b'VK.com' disclosed a bug submitted by b'linkks' 
b'CVE-2018-0296'
17 Jun 2019 timeline
b'New Relic' disclosed a bug submitted by b'jon_bottarini' 
b'Giving myself access to NR1 UI / one.newrelic.com without the proper feature flags on my account'
17 Jun 2019 timeline
b'ICQ' disclosed a bug submitted by b'bigshape' 
b"ICQ 10.0.12371 icq: Uri Handler '-testability' URL File Insecure Library Loading Code Execution Vulnerability"
17 Jun 2019 timeline
b'ok.ru' disclosed a bug submitted by b'exadmin' 
b"Plain text password for 'unknown' user exist in URL when opening jira.apiok.ru"
17 Jun 2019 timeline
b'Shipt' disclosed a bug submitted by b'mubassirpatel' 
b'Multiple Subdomain Takeovers: fly.staging.shipt.com, fly.us-west-2.staging.shipt.com, fly.us-east-1.staging.shipt.com'
17 Jun 2019 timeline
b'ecobee' disclosed a bug submitted by b'mik317' 
b'CSTI on https://www.ecobee.com leads to XSS'
16 Jun 2019 timeline
b'Midpoint (European Commission ' disclosed a bug submitted by b'princenullbite' 
b'Attacker can read password from log data'
15 Jun 2019 timeline
b'Shopify' disclosed a bug submitted by b'encryptsaan123' 
b'XSS on services.shopify.com'
14 Jun 2019 timeline
b'Shopify' disclosed a bug submitted by b'zombiehelp54' 
b'H1514 Removed Staff members who had "Apps" permission can still modify flow app connections'
14 Jun 2019 timeline
b'Twitter' disclosed a bug submitted by b'updatelap' 
b'IDOR and statistics leakage in Orders '
14 Jun 2019 timeline
b'GitLab' disclosed a bug submitted by b'paresh_parmar' 
b'information disclosure of secret_key_base via encoding charcters'
13 Jun 2019 timeline
b'TomTom' disclosed a bug submitted by b'abzi' 
b"CSRF allows attacker to manage customer's shopping cart."
13 Jun 2019 timeline
b'TomTom' disclosed a bug submitted by b'omnicient' 
b'Reflected Cross Site Scripting vuln in tomtom.com'
13 Jun 2019 timeline
b'TomTom' disclosed a bug submitted by b'z3xddd' 
b'XSS Reflect'
13 Jun 2019 timeline
b'TomTom' disclosed a bug submitted by b'schopathx' 
b'Reflected XSS on www.tomtom.com'
13 Jun 2019 timeline
1 ... 424 425 426 427 428 ... 769
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM