Coordinated and Responsible Vulnerability Disclosure
Free Bug Bounty Program

328,405 coordinated disclosures
190,166 fixed vulnerabilities
405 bug bounties with 859 websites
9,193 researchers, 853 honor badges

TROELL s.r.o. Bug Bounty Program

TROELL s.r.o. runs a bug bounty program to ensure the highest security and privacy of its websites. Everyone is eligible to participate in the program subject to the below-mentioned conditions and requirements of TROELL s.r.o.

Open Bug Bounty performs triage and verification of the submissions. However, we never intervene in the subsequent process of vulnerability remediation and disclosure between TROELL s.r.o. and researchers.

The bug bounty program allows all submissions.

Bug Bounty Scope

The following websites are within the scope of the program:

kkeramika.ibyznys.cz
shop.vinekon.cz
eshop.nobleclass.cz
doutnikydymky.cz
bongyvodnice.cz
eshop.am-autochemie.cz
klempirsky-obchod.cz
eshop.mbkeramika.cz
humidor.cz
vseprokoureni.cz
eshop.tiger1.cz
garancia.ibyznys.cz
obchod.top-oil.cz
akordy.cz
e-shop.bobo.cz
acolor.cz
papirnictvi-tempus.cz
aaizolace.cz
care4you.cz
velkoobchodmcu.cz
levnesporaky.cz
gas-as.cz
obchod.belet.cz
techmat.cz
azweld.eu
jsc-brno.cz
ecomarket.cz
babypoint.cz
autobyznys.cz
bralep.cz
eshop.bupospol.cz
losandes.cz
einhell.cz
eshop.fortisdb.cz
mladyjazz.troell.cz
*.bralep.cz

Non-Intrusive Submissions Handling

This section covers submissions of vulnerabilities that do not require intrusive testing, as per Open Bug Bounty rules:

- Cross Site Scripting (XSS)
- Open Redirect
- Cross Site Request Forgery (CSRF)
- Improper Access Control

General Requirements:

-

Testing Requirements:

-

Possible Awards:

-

Special Notes:

-

Community Rating

Provided by security researchers who reported security vulnerabilities via this bug bounty program:

- Response Time: How quickly researchers get responses to their submissions.
- Remediation Time: How quickly reported submissions are fixed.
- Cooperation and Respect: How fairly and respectfully researchers are being treated.
