REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'concrete5'
disclosed a bug submitted by
b'csanuragjain'
b'Content Spoofing possible in concrete5.org'
23 Jul 2017
b'Dashlane'
disclosed a bug submitted by
b'csanuragjain'
b'Extract Billing admin email address using random team id'
23 Jul 2017
b'Udemy'
disclosed a bug submitted by
b'csanuragjain'
b'Content Spoofing in udemy'
23 Jul 2017
b'Cuvva'
disclosed a bug submitted by
b'aliv3'
b'CSRF on cuvva.insure allows to attacker to send multiple SMS to download the app without visiting the cuvva'
23 Jul 2017
b'Dashlane'
disclosed a bug submitted by
b'rbcafe'
b'[https://www.dashlane.com] Test Panel Disclosure'
21 Jul 2017
b'Legal Robot'
disclosed a bug submitted by
b'sunil_yedla'
b'Account profile shows encryption recovery box for all users'
21 Jul 2017
b'Coinbase'
disclosed a bug submitted by
b'mahakaal'
b'Information disclosure same issue #176002'
21 Jul 2017
b'Shopify'
disclosed a bug submitted by
b'xssa'
b'XSS in my.shopify.com in widget'
21 Jul 2017
b'Shopify'
disclosed a bug submitted by
b'pappan'
b'Open Redirect in shopify app URL'
21 Jul 2017
b'Ubiquiti Networks'
disclosed a bug submitted by
b'phenix'
b'[EdgeSwitch] Web GUI command injection as root with Privilege-1 and Privilege-15 users'
21 Jul 2017
b'GitLab'
disclosed a bug submitted by
b'edio'
b'CSV injection in gitlab.com via issues export feature.'
21 Jul 2017
b'Airbnb'
disclosed a bug submitted by
b'al7311'
b'Call back number not verified'
20 Jul 2017
b'Frans Visits Vegas'
disclosed a bug submitted by
b'fransrosen'
b'Frans Visits Vegas Announcement'
20 Jul 2017
b'WakaTime'
disclosed a bug submitted by
b'footstep'
b'Email Injection through Password Reset'
20 Jul 2017
b'Legal Robot'
disclosed a bug submitted by
b'mostafamamdoh'
b'Token leakage by referrer'
19 Jul 2017
b'Shopify'
disclosed a bug submitted by
b'inhibitor181'
b'IDOR [partners.shopify.com] - User with ONLY Manage apps permission is able to get shops info and staff names from inside the shop'
19 Jul 2017
b'Zomato'
disclosed a bug submitted by
b'kuroi-sh'
b'SQL Injection, exploitable in boolean mode'
19 Jul 2017
b'Zomato'
disclosed a bug submitted by
b'gerben_javado'
b'[?????????] Hardcoded credentials in Android App'
19 Jul 2017
b'Legal Robot'
disclosed a bug submitted by
b'brdoors4'
b'Non-functional 2FA recovery codes'
19 Jul 2017
b'Mixmax'
disclosed a bug submitted by
b'encrypt'
b'Blind SSRF due to img tag injection in career form'
19 Jul 2017
1
...
483
484
485
486
487
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM