REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
81
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
60
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Node.js third-party modules'
disclosed a bug submitted by
b'caioluders'
b'[git-dummy-commit] Command injection on the msg parameter'
15 Jun 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'greendog'
b'Insecure implementation of deserialization in funcster'
15 Jun 2018
b'Nextcloud'
disclosed a bug submitted by
b'reinism'
b'File access control rules not enforced on image files'
15 Jun 2018
b'Shopify'
disclosed a bug submitted by
b'tbh'
b'Improper access check by Kit leads to controlling attributes of store & getting analytics by deleted Store member via dual messenger A/C'
15 Jun 2018
b'Shopify'
disclosed a bug submitted by
b'rijalrojan'
b'Publicly Accessible Datadog link'
15 Jun 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'chalker'
b'`njwt` allocates uninitialized Buffers when number is passed in base64urlEncode input'
14 Jun 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'lirantal'
b'Remote Command Execution vulnerability in pullit'
14 Jun 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'bl4de'
b'[file-static-server] Path Traversal allows to read content of arbitrary file on the server'
14 Jun 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'chalker'
b'`utile` allocates uninitialized Buffers when number is passed in input'
14 Jun 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'chalker'
b'`put` allocates uninitialized Buffers when non-round numbers are passed in input'
14 Jun 2018
b'Vanilla'
disclosed a bug submitted by
b'samux'
b'A user can create an event in a group without being in it http://littleguy.vanillastaging.com/'
14 Jun 2018
b'Nextcloud'
disclosed a bug submitted by
b'samix'
b'Disclosed Version of PORTS SSH|HTTP|SSL'
14 Jun 2018
b'Dropbox'
disclosed a bug submitted by
b'zeq3ul'
b'Bypass Local Authentication (TouchID)'
13 Jun 2018
b'PortSwigger Web Security'
disclosed a bug submitted by
b'morisson'
b'burp does not validate the common name of the presented collaborator server certificate'
13 Jun 2018
b'PortSwigger Web Security'
disclosed a bug submitted by
b'jupenur'
b'Leak of Platform Authentication credentials via Repeater'
13 Jun 2018
b'Ruby'
disclosed a bug submitted by
b'etsukata'
b'SEGV in parse_rat()'
13 Jun 2018
b'SEMrush'
disclosed a bug submitted by
b'kunal94'
b'XSS on redirection page( Bypassed) '
13 Jun 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'tungpun'
b'[mcstatic] Server Directory Traversal'
12 Jun 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'tungpun'
b'[html-pages] Stored XSS in the filename when directories listing'
12 Jun 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'tungpun'
b'[public] Stored XSS in the filename when directories listing'
12 Jun 2018
1
...
449
450
451
452
453
...
733
BY DENIS WERNER - @NOBBD -
IMPRESSUM