REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Vimeo'
disclosed a bug submitted by
b'stefanofindsbugs'
b'Stored XSS on player.vimeo.com'
31 Aug 2017
b'Vimeo'
disclosed a bug submitted by
b'stefanofindsbugs'
b'XSS when using captions/subtitles on video player based on Flash (requires user interaction)'
31 Aug 2017
b'Vimeo'
disclosed a bug submitted by
b'stefanofindsbugs'
b'XSS on vimeo.com | "Search within these results" feature (requires user interaction)'
31 Aug 2017
b'Vimeo'
disclosed a bug submitted by
b'stefanofindsbugs'
b'XSS on vimeo.com/home after other user follows you'
31 Aug 2017
b'Vimeo'
disclosed a bug submitted by
b'stefanofindsbugs'
b'XSS on player.vimeo.com without user interaction and vimeo.com with user interaction'
31 Aug 2017
b'Badoo'
disclosed a bug submitted by
b'stefanofindsbugs'
b'Open redirect helps to steal Facebook access_token'
31 Aug 2017
b'Badoo'
disclosed a bug submitted by
b'stefanofindsbugs'
b'crossdomain.xml too permissive on eu1.badoo.com, us1.badoo.com, etc.'
31 Aug 2017
b'Vimeo'
disclosed a bug submitted by
b'stefanofindsbugs'
b'XSS on mobile version of vimeo.com where the button "Follow" appears'
31 Aug 2017
b'Weblate'
disclosed a bug submitted by
b'punkit'
b'Improper Cookie expiration | Cookies Expiration Set to Future '
31 Aug 2017
b'Legal Robot'
disclosed a bug submitted by
b'gujjuboy10x00'
b'No length limit in invite_code can cause server degradation'
31 Aug 2017
b'RubyGems'
disclosed a bug submitted by
b'claudijd'
b'Request Hijacking Vulnerability in RubyGems 2.6.11 and earlier'
30 Aug 2017
b'RubyGems'
disclosed a bug submitted by
b'mame'
b'Escape sequence injection in "summary" field'
30 Aug 2017
b'Coinbase'
disclosed a bug submitted by
b'danilg'
b'Inaccurate Payment receipt '
30 Aug 2017
b'Coinbase'
disclosed a bug submitted by
b'7h3_3y3'
b' Information disclosure in coinbase android app'
30 Aug 2017
b'Coinbase'
disclosed a bug submitted by
b'dark_heaven'
b'Csrf bug on signup session'
30 Aug 2017
b'Coinbase'
disclosed a bug submitted by
b'mandy1394'
b'Information disclosue in Android Application'
30 Aug 2017
b'Trello'
disclosed a bug submitted by
b'sireeeeens'
b'A CRLF injection into the redirect URL of https://trello.com/1/authorize can be used to cause a denial of service when later redirected to'
30 Aug 2017
b'Quora'
disclosed a bug submitted by
b'bagipro'
b'[Quora Android] Possible to steal arbitrary files from mobile device'
30 Aug 2017
b'shopify-scripts'
disclosed a bug submitted by
b'an0n-j'
b'Clearing , Shifting and Pop Value from Frozen Array '
30 Aug 2017
b'VK.com'
disclosed a bug submitted by
b'zhumarin'
b'api.vk.com ?????? ? ????? HTML ???????????????? ???????? vk.com'
30 Aug 2017
1
...
469
470
471
472
473
...
691
BY DENIS WERNER - @NOBBD -
IMPRESSUM