the unofficial HackerOne disclosure timeline.

X
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`command-exists` concatenates unsanitized input into exec()/execSync() commands'
11 May 2018 timeline
b'Twitter' disclosed a bug submitted by b'lukeberner' 
b'ms5 debug page exposing internal info (internal IPs, headers)'
11 May 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b'xawdxawdx' 
b'CSRF ?? calendar.mail.ru'
11 May 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b"[buttle] Remote Command Execution via unsanitized PHP filename when it's run with --php-bin flag"
11 May 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'caioluders' 
b'Bypass to defective fix of Path Traversal '
11 May 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`fs-path` concatenates unsanitized input into exec()/execSync() commands'
11 May 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b'obmi' 
b'XSS on e.mail.ru via postMessage'
11 May 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`stringstream` allocates uninitialized Buffers when number is passed in input stream on Node.js 4.x and below'
11 May 2018 timeline
b'ICQ' disclosed a bug submitted by b'whitehattushu' 
b'The auth token does not expire on logging out and even after logging out all sessions'
11 May 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b'xawdxawdx' 
b'Shell upload in http://widget.support.my.com/'
11 May 2018 timeline
b'JamieWeb' disclosed a bug submitted by b'retr0' 
b'Insecure Transportation Security Protocol Supported (TLS 1.0) on https://www.jamieweb.net'
11 May 2018 timeline
b'Rockstar Games' disclosed a bug submitted by b'n00bsec' 
b'Table and Column Exposure'
10 May 2018 timeline
b'Udemy' disclosed a bug submitted by b'cha5m' 
b'Subdomain Takeover (and Stored XSS) via Trailing Dot at https://coding-exercises.udemy.com'
10 May 2018 timeline
b'New Relic' disclosed a bug submitted by b'apapedulimu' 
b'Captcha Bypass on SignUp Form'
10 May 2018 timeline
b'Inflection' disclosed a bug submitted by b'tolo7010' 
b'Clickjacking on https://www.goodhire.com/api'
10 May 2018 timeline
b'Lyst' disclosed a bug submitted by b'tolo7010' 
b'Bypassing one-time checkout router page (revealing payment information)'
10 May 2018 timeline
b'Valve' disclosed a bug submitted by b'ramsexy' 
b'Link filter protection bypass'
09 May 2018 timeline
b'Valve' disclosed a bug submitted by b'ramsexy' 
b'LFI in pChart php library'
09 May 2018 timeline
b'Zomato' disclosed a bug submitted by b'gcurtiss_' 
b'XSS in "explore-keywords-dropdown" results.'
09 May 2018 timeline
b'Valve' disclosed a bug submitted by b'kenziy' 
b'Xss was found by exploiting the URL markdown on http://store.steampowered.com'
09 May 2018 timeline
1 ... 489 490 491 492 493 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM