REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
83
b'linkks'
75
b'jobert'
70
b'nyymi'
62
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Ruby'
disclosed a bug submitted by
b'ooooooo_q'
b'Unix domain socket and a path containing a null character'
31 Mar 2018
b'Khan Academy'
disclosed a bug submitted by
b'ethanluismcdonough'
b'XSS through document projects'
30 Mar 2018
b'HackerOne'
disclosed a bug submitted by
b'blackni9ht'
b'Unicorn worker pool exhaustion by continuously updating payout preferences'
30 Mar 2018
b'Ruby'
disclosed a bug submitted by
b'aerodudrizzt'
b'controlled buffer under-read in pack_unpack_internal()'
30 Mar 2018
b'Zomato'
disclosed a bug submitted by
b'gerben_javado'
b'Blind XSS - Report review - Admin panel'
29 Mar 2018
b'Zomato'
disclosed a bug submitted by
b'gerben_javado'
b'[www.zomato.com] Privilege Escalation - /php/restaurant_menus_handler.php'
29 Mar 2018
b'Zomato'
disclosed a bug submitted by
b'gerben_javado'
b'[www.zomato.com] Privilege Escalation - Control reviews - /????dashboard_handler.php'
29 Mar 2018
b'Zomato'
disclosed a bug submitted by
b'gerben_javado'
b'[www.zomato.com] Boolean SQLi - /???????.php'
29 Mar 2018
b'Zomato'
disclosed a bug submitted by
b'gerben_javado'
b'[www.zomato.com] Boolean SQLi - /?????.php'
29 Mar 2018
b'Upserve '
disclosed a bug submitted by
b's3curityb3ast'
b'reports.breadcrumb.com is vulnerable for Arbitrary file existence disclosur CVE-2014-7829 '
29 Mar 2018
b'Brave Software'
disclosed a bug submitted by
b'skansing'
b'Download attribute allows downloading local files'
29 Mar 2018
b'HackerOne'
disclosed a bug submitted by
b'yaworsk'
b'Extra program metrics disclosed via /PROGRAM_NAME json response'
28 Mar 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'chalker'
b'`whereis` concatenates unsanitized input into exec() command'
28 Mar 2018
b'Node.js third-party modules'
disclosed a bug submitted by
b'bl4de'
b'[metascrapper] Stored XSS in Open Graph meta properties read by metascrapper'
28 Mar 2018
b'Pornhub'
disclosed a bug submitted by
b'sp1d3rs'
b'Stored XSS (client-side, using cookie poisoning) on the pornhubpremium.com'
27 Mar 2018
b'HackerOne'
disclosed a bug submitted by
b'0x0g'
b'h1-202 leaderboard photo discloses local wifi password '
25 Mar 2018
b'WePay'
disclosed a bug submitted by
b'sp1d3rs'
b'Reflected XSS in the IE 11 / Edge (latest versions) on the stage-go.wepay.com'
24 Mar 2018
b'Ruby on Rails'
disclosed a bug submitted by
b'kaarloh'
b"XSS vulnerability in sanitize-method when parsing link's href"
22 Mar 2018
b'RubyGems'
disclosed a bug submitted by
b'nmalkin'
b'Installer can modify other gems if gem name is specially crafted'
22 Mar 2018
b'Twitter'
disclosed a bug submitted by
b'vijay_kumar1110'
b'Urgent : Unauthorised Access to Media content of all Direct messages and protected tweets(Indirect object reference)'
21 Mar 2018
1
...
471
472
473
474
475
...
738
BY DENIS WERNER - @NOBBD -
IMPRESSUM
