REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Node.js third-party modules'
disclosed a bug submitted by
b'bl4de'
b'[crud-file-server] Stored XSS in filenames when directory index is served by crud-file-server'
17 Feb 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'bl4de'
b'[public] Path Traversal allows to read content of arbitrary files'
17 Feb 2018
b'Starbucks'
disclosed a bug submitted by
b'dpgribkov'
b'Subdomain takeover on developer.openapi.starbucks.com'
17 Feb 2018
b'Twitter'
disclosed a bug submitted by
b'harisec'
b'Blind XSS in Mobpub Marketplace Admin Production | Sentry via demand.mopub.com (User-Agent)'
17 Feb 2018
b'GitLab'
disclosed a bug submitted by
b'moritz30'
b'Cookie bomb'
16 Feb 2018
b'WordPress'
disclosed a bug submitted by
b'shay12tg'
b'MediaElements XSS'
15 Feb 2018
b'LocalTapiola'
disclosed a bug submitted by
b'billy_blaze'
b'Securemail server used to internal spam and resource exhaustion'
15 Feb 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'holyvier'
b'Prototype pollution attack (defaults-deep)'
15 Feb 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'holyvier'
b'Prototype pollution attack (merge-deep)'
15 Feb 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'holyvier'
b'Prototype pollution attack (assign-deep)'
15 Feb 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'holyvier'
b'Prototype pollution attack (mixin-deep)'
15 Feb 2018
b'Showmax'
disclosed a bug submitted by
b'ehsahil'
b'Changing details of other users profile using UUID (IDOR)'
15 Feb 2018
b'Coursera'
disclosed a bug submitted by
b'flex0geek'
b'[www.coursera.org] Leaking password reset link on referrer header'
14 Feb 2018
b'Khan Academy'
disclosed a bug submitted by
b'na5ne3t'
b'Frameset(Frame) html tag is allowed in html editor.(can lead to clickjacking)'
14 Feb 2018
b'HackerOne'
disclosed a bug submitted by
b'haxta4ok00'
b'The request tells the number of private programs, the new system of authorization /invite/token'
14 Feb 2018
b'Automattic'
disclosed a bug submitted by
b'edoverflow'
b'Improper markup sanitisation in Simplenote Android application.'
13 Feb 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'holyvier'
b'Prototype pollution attack (Hoek)'
13 Feb 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'holyvier'
b'Prototype pollution attack (lodash)'
13 Feb 2018
b'Urban Dictionary'
disclosed a bug submitted by
b'tyagiji'
b'See details of a unpublished word by guessing the word ID'
12 Feb 2018
b'Mail.Ru'
disclosed a bug submitted by
b's_p_q_r'
b'[afisha.mail.ru] HTML-???????? ????? XSS ?? ??????? ???????'
12 Feb 2018
1
...
430
431
432
433
434
...
691
BY DENIS WERNER - @NOBBD -
IMPRESSUM