REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Automattic'
disclosed a bug submitted by
b'slavco'
b'woocommerce - prevent_caching() bug / bypass'
16 Sep 2017
b'Cuvva'
disclosed a bug submitted by
b'leet-boy'
b"Insecure Direct Object Reference (IDOR) Allowing me to claim other user's photos (driving license and selfies) as mine"
15 Sep 2017
b'TTS Bug Bounty'
disclosed a bug submitted by
b'sp1d3rs'
b'Reflected XSS on the data.gov (WAF bypass+ Chrome XSS Auditor bypass+ works in all browsers)'
15 Sep 2017
b'TTS Bug Bounty'
disclosed a bug submitted by
b'sp1d3rs'
b'HTML injection (with XSS possible) on the https://www.data.gov/issue/ using media_url attribute'
15 Sep 2017
b'Automattic'
disclosed a bug submitted by
b'slavco'
b'Unauthenticated RCE in Vaultpress'
15 Sep 2017
b'Ruby'
disclosed a bug submitted by
b'mame'
b'Escape sequence injection vulnerability in WEBrick BasicAuth'
15 Sep 2017
b'Legal Robot'
disclosed a bug submitted by
b'hulskr'
b'Profile fields validation mismatch'
15 Sep 2017
b'Legal Robot'
disclosed a bug submitted by
b'd4rk_g1rl'
b'Futureoflife organization URL should be HTTPS'
15 Sep 2017
b'Weblate'
disclosed a bug submitted by
b'alyanwarr'
b'No rate limit or captcha to identify humans'
15 Sep 2017
b'Legal Robot'
disclosed a bug submitted by
b'goodhackonly'
b'2FA manual entry uses wrong encoding'
14 Sep 2017
b'Zomato'
disclosed a bug submitted by
b'0xamir'
b'CSRF in the "Add restaurant picture" function'
14 Sep 2017
b'Legal Robot'
disclosed a bug submitted by
b'lov3_you'
b'observer.com URL should HTTPS'
14 Sep 2017
b'TTS Bug Bounty'
disclosed a bug submitted by
b'swag01'
b'Server Side Misconfiguration (EMAIL SPOOFING) '
14 Sep 2017
b'Ubiquiti Networks'
disclosed a bug submitted by
b'bobrov'
b'[dev-nightly.ubnt.com] Local File Reading'
14 Sep 2017
b'VK.com'
disclosed a bug submitted by
b'lincoln9932'
b'CSRF ????????? ???????? ?? ???????????? ??????? ??????.'
14 Sep 2017
b'Grabtaxi Holdings Pte Ltd'
disclosed a bug submitted by
b'paresh_parmar'
b'Blind stored xss [parcel.grab.com] > name parameter '
14 Sep 2017
b'Grabtaxi Holdings Pte Ltd'
disclosed a bug submitted by
b'sp1d3rs'
b'Private Grab Messages on Android App can be accessed and cached by Search Engines'
14 Sep 2017
b'Grabtaxi Holdings Pte Ltd'
disclosed a bug submitted by
b'sp1d3rs'
b'Authorization bypass using login by phone option+horizontal escalation possible on Grab Android App'
14 Sep 2017
b'Cuvva'
disclosed a bug submitted by
b'leet-boy'
b'No Notification Sent When Email Is Changed.'
13 Sep 2017
b'Grabtaxi Holdings Pte Ltd'
disclosed a bug submitted by
b'sp1d3rs'
b'Two-factor authentication bypass on Grab Android App'
12 Sep 2017
1
...
465
466
467
468
469
...
691
BY DENIS WERNER - @NOBBD -
IMPRESSUM