The unofficial HackerOne disclosure timeline.
WordPress
disclosed a bug submitted by
simonscannell
Logic flaw in the Post creation process allows creating posts with arbitrary types without needing the corresponding nonce
14 Feb 2019
Brave Software
disclosed a bug submitted by
hackthedevil
DMARC RECORD MISSING
13 Feb 2019
Dovecot
disclosed a bug submitted by
halfdog
Username restriction bypass with SSL client authentication
13 Feb 2019
Mail.ru
disclosed a bug submitted by
kushal89shah
[FG-VD-17-115] Mail.ru's Amigo Browser DLL Pre-Loading Vulnerability Notification
12 Feb 2019
Twitter
disclosed a bug submitted by
ameerpornillos
Information Exposure Through Directory Listing vulnerability on 8 vcache**.usw2.snappytv.com websites
11 Feb 2019
Twitter
disclosed a bug submitted by
cris-staicu
Tracking of users on third-party websites using the Twitter cookie, due to a flaw in authenticating image requests
08 Feb 2019
Starbucks
disclosed a bug submitted by
karthik87mit
Password Change not notified when changed from settings
08 Feb 2019
Starbucks
disclosed a bug submitted by
apapedulimu
Missing CSRF Token On Remove Coupun From Cart
08 Feb 2019
GitLab
disclosed a bug submitted by
urztruzchitrz
Guests Will Disclose the Private Project Full Activity Via Project Activity Feeds
08 Feb 2019
Uber
disclosed a bug submitted by
appsecure_in
Client secret, server tokens for developer applications returned by internal API
08 Feb 2019
PayPal
disclosed a bug submitted by
alexbirsan
XSSI on refer.xoom.com allows stealing email addresses and posting to Twitter on behalf of victim
07 Feb 2019
PayPal
disclosed a bug submitted by
bagipro
[Venmo Android] Remote theft of user session
07 Feb 2019
PayPal
disclosed a bug submitted by
bagipro
[PayPal Android] Remote theft of user session using push_notification_webview deeplink
07 Feb 2019
Node.js third-party modules
disclosed a bug submitted by
skyn3t
[serve] Access unlisted internal files/folders revealing sensitive information
07 Feb 2019
Twitter
disclosed a bug submitted by
bywalks
[dev.twitter.com] XSS and Open Redirect Protection Bypass
07 Feb 2019
U.S. Dept Of Defense
disclosed a bug submitted by
archang31
Information Disclosure (can access all Army HRC RFOs) within AIM view RFO Portal
06 Feb 2019
Ubiquiti Networks
disclosed a bug submitted by
csiete
UBNT Amplification DDOS Attack
06 Feb 2019
Mail.ru
disclosed a bug submitted by
lincoln9932
??????????? ????? ?? ????? ??????? https://pandao.ru/
06 Feb 2019
GitLab
disclosed a bug submitted by
jaykpatel
gitter.im virtually authentication bypass by abusing authorizing callback?code
04 Feb 2019
Mail.ru
disclosed a bug submitted by
hossammesbah21
ssl cookie without secure flag set
04 Feb 2019
BY DENIS WERNER - @NOBBD