Top10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 84
linkks: 75
jobert: 70
nyymi: 65
someonenobbd: 62
ooooooo_q: 54
guido: 50
haxta4ok00: 49
Now on Twitter: the unofficial HackerOne disclosure timeline.
Shopify disclosed a bug submitted by rms: From full-access account to Account Owner (18 Sep 2018)
BOHEMIA INTERACTIVE a.s. disclosed a bug submitted by hack2684: Weak Password Policy on Signup at https://accounts.bistudio.com/auth (18 Sep 2018)
Node.js third-party modules disclosed a bug submitted by lirantal: http-live-simulator npm module is prone to path traversal attacks (18 Sep 2018)
Dropbox disclosed a bug submitted by phwd: Dropbox employee benefits documents are available in a test Dropbox folder (17 Sep 2018)
New Relic disclosed a bug submitted by hackerone77-222: DNS misconfiguration on email.alerts.newrelic.com (17 Sep 2018)
BOHEMIA INTERACTIVE a.s. disclosed a bug submitted by meals: IDOR to view User Order Information (17 Sep 2018)
BOHEMIA INTERACTIVE a.s. disclosed a bug submitted by meals: 217.147.95.145 NFS Exposed with Zeus Server configs (17 Sep 2018)
Zomato disclosed a bug submitted by akhil-reni: [www.zomato.com] Tampering with Order Quantity and paying less amount then actual amount, leads to business loss (17 Sep 2018)
Uber disclosed a bug submitted by mefkan: Reflected XSS on Partners Subdomain (16 Sep 2018)
Greenhouse.io disclosed a bug submitted by irvinlim: Cache poisoning using NULL bytes and long URLs (16 Sep 2018)
Greenhouse.io disclosed a bug submitted by irvinlim: Bypass of request line length limit to DoS via cache poisoning (16 Sep 2018)
BOHEMIA INTERACTIVE a.s. disclosed a bug submitted by ethancruize: Stealing Users OAUTH Tokens via redirect_uri (14 Sep 2018)
Dropbox disclosed a bug submitted by todayisnew: Exposed Git Repo at http://fileserver.dropboxbusiness.com (14 Sep 2018)
Shipt disclosed a bug submitted by s3cur3: Any user can completely delete their own account without authorization and/or going through any kind of membership cancellation protocol. (12 Sep 2018)
OV-chipkaart disclosed a bug submitted by bandjes: Personal data of all Dutch public transport cards ("OV-Chipkaart") accessible (11 Sep 2018)
HubSpot disclosed a bug submitted by m7mdharoun: Reflected XSS and Server Side Template Injection in all HubSpot CMSes (11 Sep 2018)
Grabtaxi Holdings Pte Ltd disclosed a bug submitted by xsam: Leaking sensitive information on Github lead full access to all Grab Slack channels (11 Sep 2018)
Zomato disclosed a bug submitted by gerben_javado: [www.zomato.com] SQLi - /php/?????????? - item_id (11 Sep 2018)
Zomato disclosed a bug submitted by shivasurya: Phishing user to download malicious app could lead to leakage of User Access Token, Email, Name and Profile photo via exported RemoteService (11 Sep 2018)
Node.js third-party modules disclosed a bug submitted by becojo: [express-cart] Customer and admin email enumeration through MongoDB injection (10 Sep 2018)
BY DENIS WERNER - @NOBBD