Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'83 
b'linkks'75 
b'jobert'70 
b'nyymi'62 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'BOHEMIA INTERACTIVE a.s.' disclosed a bug submitted by b'meals' 
b'217.147.95.145 NFS Exposed with Zeus Server configs'
17 Sep 2018 timeline
b'Zomato' disclosed a bug submitted by b'akhil-reni' 
b'[www.zomato.com] Tampering with Order Quantity and paying less amount then actual amount, leads to business loss'
17 Sep 2018 timeline
b'Uber' disclosed a bug submitted by b'mefkan' 
b'Reflected XSS on Partners Subdomain'
16 Sep 2018 timeline
b'Greenhouse.io' disclosed a bug submitted by b'irvinlim' 
b'Cache poisoning using NULL bytes and long URLs'
16 Sep 2018 timeline
b'Greenhouse.io' disclosed a bug submitted by b'irvinlim' 
b'Bypass of request line length limit to DoS via cache poisoning'
16 Sep 2018 timeline
b'BOHEMIA INTERACTIVE a.s.' disclosed a bug submitted by b'ethancruize' 
b'Stealing Users OAUTH Tokens via redirect_uri '
14 Sep 2018 timeline
b'Dropbox' disclosed a bug submitted by b'todayisnew' 
b'Exposed Git Repo at http://fileserver.dropboxbusiness.com'
14 Sep 2018 timeline
b'Shipt' disclosed a bug submitted by b's3cur3' 
b'Any user can completely delete their own account without authorization and/or going through any kind of membership cancellation protocol.'
12 Sep 2018 timeline
b'OV-chipkaart' disclosed a bug submitted by b'bandjes' 
b'Personal data of all Dutch public transport cards ("OV-Chipkaart") accessible'
11 Sep 2018 timeline
b'HubSpot' disclosed a bug submitted by b'm7mdharoun' 
b'Reflected XSS and Server Side Template Injection in all HubSpot CMSes'
11 Sep 2018 timeline
b'Grabtaxi Holdings Pte Ltd' disclosed a bug submitted by b'xsam' 
b'Leaking sensitive information on Github lead full access to all Grab Slack channels '
11 Sep 2018 timeline
b'Zomato' disclosed a bug submitted by b'gerben_javado' 
b'[www.zomato.com] SQLi - /php/?????????? - item_id'
11 Sep 2018 timeline
b'Zomato' disclosed a bug submitted by b'shivasurya' 
b'Phishing user to download malicious app could lead to leakage of User Access Token, Email, Name and Profile photo via exported RemoteService'
11 Sep 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'becojo' 
b'[express-cart] Customer and admin email enumeration through MongoDB injection'
10 Sep 2018 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'smiegles' 
b'Public Jenkins instance with /script enabled'
10 Sep 2018 timeline
b'Weblate' disclosed a bug submitted by b'str33' 
b'Open port leads to information disclosure'
10 Sep 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'lovepakistan' 
b'User Information Disclosure via the REST API - /?_method=GET'
10 Sep 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'lovepakistan' 
b'F5 BigIP Backend Cookie Disclosure'
10 Sep 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'linkks' 
b'WordPress username enumeration (/author)'
09 Sep 2018 timeline
b'Mavenlink' disclosed a bug submitted by b'rashedhasan007' 
b'Participation of expired account holders in Projects can occure financial loss to Mavenlink '
09 Sep 2018 timeline
1 ... 439 440 441 442 443 ... 738
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM