Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'67 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b"Hanno's projects" disclosed a bug submitted by b'anonym0us_py' 
b'Bypassing the fix of #503922'
04 Mar 2019 timeline
b'OLX' disclosed a bug submitted by b'paulochoupina' 
b'XSS - main page - search[user_id] parameter'
03 Mar 2019 timeline
b"Hanno's projects" disclosed a bug submitted by b'zophi' 
b'Open redirect on the https://tt.hboeck.de'
03 Mar 2019 timeline
b'GitLab' disclosed a bug submitted by b'jobert' 
b"Snippet JS template allows attacker to read a user's private snippets"
03 Mar 2019 timeline
b'Urban Dictionary' disclosed a bug submitted by b'red_assassin' 
b'Users able to set video url for unpublished words and able to see the name of unpublished words'
02 Mar 2019 timeline
b'Imgur' disclosed a bug submitted by b'giddsec' 
b'Stored XSS on imgur profile'
02 Mar 2019 timeline
b'Twitter' disclosed a bug submitted by b'mik317' 
b'CSRF on https://www.niche.co leads to "account disconnection"'
02 Mar 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'skyn3t' 
b'[glance] Access unlisted internal files/folders revealing sensitive information'
28 Feb 2019 timeline
b'Twitter' disclosed a bug submitted by b'healdb' 
b'Takeover of Twitter-owned domain at mobileapplinking.com'
28 Feb 2019 timeline
b'Twitter' disclosed a bug submitted by b'mik317' 
b'CSRF and probable account takeover on https://www.niche.co'
28 Feb 2019 timeline
b'Mavenlink' disclosed a bug submitted by b'tolo7010' 
b'User uploaded portfolio files can be accessed by any user even after deleted'
27 Feb 2019 timeline
b'Mavenlink' disclosed a bug submitted by b'tolo7010' 
b'CSRF Add user templates'
27 Feb 2019 timeline
b'Instacart' disclosed a bug submitted by b'tolo7010' 
b'CSRF Trial 14 days express subscription'
27 Feb 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'bagipro' 
b'[Mail.Ru Android] Typo in permission name allows to write contacts without user knowledge'
26 Feb 2019 timeline
b'Postmates' disclosed a bug submitted by b'davidalbert' 
b'Web cache poisoning attack leads to user information and more'
26 Feb 2019 timeline
b'DuckDuckGo' disclosed a bug submitted by b'mik317' 
b'Partial bypass of #483774 with Blind XXE on https://duckduckgo.com'
25 Feb 2019 timeline
b'InnoGames' disclosed a bug submitted by b'wwshack' 
b'Information disclosure via ".htaccess" at https://login.innogames.de'
25 Feb 2019 timeline
b'VK.com' disclosed a bug submitted by b'page1337' 
b'Page replacement and redirect loop'
24 Feb 2019 timeline
b'Gatecoin' disclosed a bug submitted by b'p4fg' 
b'API request signature can be reused with other parameters/data than the original in certain cases'
23 Feb 2019 timeline
b'Slack' disclosed a bug submitted by b'kiyell' 
b'AWS bucket leading to iOS test build code and configuration exposure'
23 Feb 2019 timeline
1 ... 425 426 427 428 429 ... 752
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM