Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'58 
b'ooooooo_q'52 
b'haxta4ok00'49 
b'jon_bottarini'49 

the unofficial HackerOne disclosure timeline.

X
b'HackerOne' disclosed a bug submitted by b'yaworsk' 
b'Extra program metrics disclosed via /PROGRAM_NAME json response'
28 Mar 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`whereis` concatenates unsanitized input into exec() command'
28 Mar 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b'[metascrapper] Stored XSS in Open Graph meta properties read by metascrapper'
28 Mar 2018 timeline
b'Pornhub' disclosed a bug submitted by b'sp1d3rs' 
b'Stored XSS (client-side, using cookie poisoning) on the pornhubpremium.com'
27 Mar 2018 timeline
b'HackerOne' disclosed a bug submitted by b'0x0g' 
b'h1-202 leaderboard photo discloses local wifi password '
25 Mar 2018 timeline
b'WePay' disclosed a bug submitted by b'sp1d3rs' 
b'Reflected XSS in the IE 11 / Edge (latest versions) on the stage-go.wepay.com'
24 Mar 2018 timeline
b'Ruby on Rails' disclosed a bug submitted by b'kaarloh' 
b"XSS vulnerability in sanitize-method when parsing link's href"
22 Mar 2018 timeline
b'RubyGems' disclosed a bug submitted by b'nmalkin' 
b'Installer can modify other gems if gem name is specially crafted'
22 Mar 2018 timeline
b'Twitter' disclosed a bug submitted by b'vijay_kumar1110' 
b'Urgent : Unauthorised Access to Media content of all Direct messages and protected tweets(Indirect object reference)'
21 Mar 2018 timeline
b'Coinbase' disclosed a bug submitted by b'vicompany' 
b'Ethereum account balance manipulation'
21 Mar 2018 timeline
b'SEMrush' disclosed a bug submitted by b'asad90' 
b' CORS (Cross-Origin Resource Sharing)'
20 Mar 2018 timeline
b'MyCrypto' disclosed a bug submitted by b'bigshaq' 
b'DOM Based XSS in mycrypto.com'
18 Mar 2018 timeline
b'Monero' disclosed a bug submitted by b'c4c1234757b4f1e468a29d480d78f2' 
b'Monero GUI not linked with /DYNAMICBASE or hardening on windows, no ASLR'
18 Mar 2018 timeline
b'Cloudflare' disclosed a bug submitted by b'veggie' 
b'// (double slash) inside es6 template literals interpreted as an inline comment by the auto-minifier'
17 Mar 2018 timeline
b'Discourse' disclosed a bug submitted by b'mishre' 
b'Gaining access to private topics using quoting feature'
17 Mar 2018 timeline
b'Monero' disclosed a bug submitted by b'monero-hax123' 
b'Corrupt RPC responses from remote daemon nodes can lead to transaction tracing'
16 Mar 2018 timeline
b'MyCrypto' disclosed a bug submitted by b'w2w' 
b'Html injection mycrypto.com'
16 Mar 2018 timeline
b'HackerOne' disclosed a bug submitted by b'e333jsjs7se' 
b'Leakage badges on disabled user'
15 Mar 2018 timeline
b'Legal Robot' disclosed a bug submitted by b'code' 
b'https://www.legalrobot.com/'
14 Mar 2018 timeline
b'HackerOne' disclosed a bug submitted by b'kapytein' 
b'HTTP Parameter Pollution using semicolons in iframe element at hackerone.com/careers allows loading external Greenhouse forms'
13 Mar 2018 timeline
1 ... 461 462 463 464 465 ... 727
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM