the unofficial HackerOne disclosure timeline.

X
b'Vanilla' disclosed a bug submitted by b'mr_me' 
b'Vanilla Forums Gdn_Format unserialize() Remote Code Execution Vulnerability'
23 Nov 2018 timeline
b'Vanilla' disclosed a bug submitted by b'mr_me' 
b'Vanilla Forums domGetImages getimagesize Unserialize Remote Code Execution Vulnerability (critical)'
23 Nov 2018 timeline
b'Vanilla' disclosed a bug submitted by b'mr_me' 
b'Vanilla Forums Xenforo password splitHash Unserialize Remote Code Execution Vulnerability'
23 Nov 2018 timeline
b'Vanilla' disclosed a bug submitted by b'mr_me' 
b'Vanilla Forums ImportController index file_exists Unserialize Remote Code Execution Vulnerability'
23 Nov 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'cris_semmle' 
b'Code Injection Vulnerability in zombie Package'
23 Nov 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'vulzzz' 
b'List any file in the folder by using path traversal'
23 Nov 2018 timeline
b'h1-5411-CTF' disclosed a bug submitted by b'den1al' 
b'CTF Writeup flag{cha1n1ng_bugs_f0r_fun_4nd_pr0f1t?_or_rep0rt_an_LF1}'
21 Nov 2018 timeline
b'Passit' disclosed a bug submitted by b'13ern' 
b'app.passit.io is vulnerable against username enumeration'
21 Nov 2018 timeline
b'Uber' disclosed a bug submitted by b'firs0v' 
b'Full path disclosure on track.uber.com'
20 Nov 2018 timeline
b'Uber' disclosed a bug submitted by b'r0t' 
b'Possibility to enumerate and bruteforce promotion codes in Uber iOS App'
20 Nov 2018 timeline
b'Uber' disclosed a bug submitted by b'bobrov' 
b'Open Redirect in riders.uber.com'
20 Nov 2018 timeline
b'Uber' disclosed a bug submitted by b'appsecure_in' 
b'Lack of payment type validation in dial.uber.com allows for free rides'
20 Nov 2018 timeline
b'Uber' disclosed a bug submitted by b'mdv' 
b'Stored XSS on any page in most Uber domains'
20 Nov 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'dienpv' 
b'Prototype pollution attack (mergify)'
20 Nov 2018 timeline
b'Ruby on Rails' disclosed a bug submitted by b'ooooooo_q' 
b'Validation bypass for queries generated for PostgreSQL'
19 Nov 2018 timeline
b'QIWI' disclosed a bug submitted by b'bobrov' 
b'[lk.contact-sys.com] SQL Injection reset_password FP_LK_USER_LOGIN'
18 Nov 2018 timeline
b'QIWI' disclosed a bug submitted by b'bobrov' 
b'[contact-sys.com] SQL Injection /ajax/where/cityNameByCountryId limit param'
18 Nov 2018 timeline
b'QIWI' disclosed a bug submitted by b'bobrov' 
b'[contact-sys.com] XSS /ajax/transfer/status trn param'
18 Nov 2018 timeline
b'QIWI' disclosed a bug submitted by b'bobrov' 
b'[lk.contact-sys.com] LKlang Path Traversal'
18 Nov 2018 timeline
b'QIWI' disclosed a bug submitted by b'bobrov' 
b'[ibank.qiwi.ru] XSS via Request-URI'
18 Nov 2018 timeline
1 ... 452 453 454 455 456 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM