Coordinated and Responsible Vulnerability Disclosure Free Bug Bounty Program 339,131 coordinated disclosures
195,476 fixed vulnerabilities
455 bug bounties with 927 websites
9,580 researchers, 870 honor badges

Coding Labs Bug Bounty Program

Coding Labs runs a bug bounty program to ensure the highest security and privacy of its websites. Everyone is eligible to participate in the program subject to the below-mentioned conditions and requirements of Coding Labs

Open Bug Bounty performs triage and verification of the submissions. However, we never intervene to the further process of vulnerability remediation and disclosure between Coding Labs and researchers.

Bug bounty program allow private submissions only.

Bug Bounty Scope

The following websites are within the scope of the program:

staging.liveplatforms.com
jewelry-auctioned.com
coins-auctioned.com
gemrockauctions.com
opalauctions.com

Non-Intrusive Submissions Handling

The following section encompasses submission of the vulnerabilities that do not require intrusive testing as per Open Bug Bounty rules:

- Cross Site Scripting (XSS)
- Open Redirect

- Cross Site Request Forgery (CSRF)
- Improper Access Control

General Requirements:

Contact us via Open Bug Bounty.

Testing Requirements:

RUN TESTS AGAINST staging.liveplatforms.com. This is a staging site which holds sample data only and uses sandboxed emails, payments etc.

Do not interfere with user data or make your presence known by production users.

Possible Awards:

- payments (PayPal)

Community Rating

Provided by security researchers who reported security vulnerabilities via this bug bounty program:

 
Response Time  How quickly researchers get responses to their submissions.
Remediation Time  How quickly reported submissions are fixed.
Cooperation and Respect  How fairly and respectfully researchers are being treated.

  Latest Patched

 18.04.2019 guatemala.com
 18.04.2019 crossref.org
 17.04.2019 mzitu.com
 17.04.2019 manilatimes.net
 17.04.2019 smiledirectclub.com
 17.04.2019 cardiff.ac.uk
 17.04.2019 ktown4u.com
 17.04.2019 espnfc.com
 16.04.2019 univ-poitiers.fr
 16.04.2019 burton.com

  Latest Blog Posts

04.04.2019 by Gh05tPT
XSS alert() variants
03.04.2019 by ismailtsdln
PHP Security Check List [ EN ]
02.04.2019 by Open Bug Bounty
API for bug bounty owners
02.04.2019 by MiguelSantareno
Google Dorks to find open redirects:
02.04.2019 by MiguelSantareno
Cross Site Script angular payloads:

  Recent Recommendations

    18 April, 2019
     myparadisio:
Thanks k0t, for pointed out two XSS vulnerabilities on our website!
Your input was very much appreciated!
    17 April, 2019
     rhyswynne:
acelakshitverma helped identify a bug on my hobby site and fixed it. Thanks!
    16 April, 2019
     Danny76084307:
Hallo Armin,
vielen Dank für Deinen Einsatz!
Durch deinen Hinweis konnten wir zwei Lücken schließen.
Schöne Grüße
Danny
    15 April, 2019
     matthias_lueck:
Felipe found a vulnerability in our website , which we were able to fix with Felipes detailed report. He was very responsive and professional. Highly recommended!
Thank you very much Felipe!
    15 April, 2019
     watergateweb:
Another XSS vulnerability found, thanks a lot!