Report a Vulnerability
Submit, help fixing, get kudos.
Start a Bug Bounty
Run your bounty program for free.
612,938 coordinated disclosures
393,472 fixed vulnerabilities
929 bug bounties with 1,869 websites
18,819 researchers, 1199 honor badges

Bug Bounty Programs List


 Company Name Verified
domains
Reports
Total/Fixed/Unfixed
1
2 / 0 / 2
5
40 / 19 / 21
1
12 / 1 / 11
1
2 / 2 / 0
1
18 / 9 / 9
3
11 / 6 / 5
1
17 / 2 / 15
1
5 / 1 / 4
3
4 / 4 / 0
1
23 / 1 / 22
3
2 / 2 / 0
1
6 / 5 / 1
1
1 / 1 / 0
1
16 / 1 / 15
1
7 / 1 / 6
1
4 / 2 / 2
1
0 / 0 / 0
1
6 / 1 / 5
1
4 / 3 / 1
1
8 / 5 / 3










  Latest Patched

 30.10.2020 123rf.com
 30.10.2020 t3n.de
 30.10.2020 489pro.com
 30.10.2020 dgtle.com
 29.10.2020 photobucket.com
 29.10.2020 istockphoto.com
 29.10.2020 skin.gs
 28.10.2020 plos.org
 28.10.2020 audiusa.com
 28.10.2020 um.es

  Latest Blog Posts

26.10.2020 by _r00t1ng_
Bypass Addslashes using Multibyte Character
26.10.2020 by _r00t1ng_
One Payload to Inject them all - MultiQuery Injection
26.10.2020 by _r00t1ng_
Routed SQL Injection
26.10.2020 by _r00t1ng_
DIOS the SQL Injectors Weapon
26.10.2020 by p4c3n0g3
How to find AngularJS XSS

  Recent Recommendations

@benskiddle     30 October, 2020
    Twitter benskiddle:
Great disclosure of an SQL injection bug with good details to replicate the issue. Thank you.
@MizoueShumpei     29 October, 2020
    Twitter MizoueShumpei:
Thank you very much for your help.
@adridder     28 October, 2020
    Twitter adridder:
Thank you for your help with this XSS vulnerability on our site. We appreciate the responsible reporting via openbugbounty.
@gaborvitez     28 October, 2020
    Twitter gaborvitez:
Ajaysen R found a reflected cross site scripting bug in one of our cgi scripts, this way he helped us improve the security of our website. He was really fast to react, working with him was really a pleasure. We are grateful for the issues he made us aware of.
@Jobe1986     28 October, 2020
    Twitter Jobe1986:
Thank you for your efforts and reporting the XSS vulnerability you found on my website.