Open Bug Bounty selected among the
Top 5 Bug Bounty programs to watch
in 2021 by The Hacker News

For security researchers
Report a Vulnerability
Submit, help fixing, get kudos.
For website owners
Start a Bug Bounty
Run your bounty program for free.
1,141,726 coordinated disclosures
746,732 fixed vulnerabilities
1,505 bug bounty programs, 2,997 websites
26,388 researchers, 1,386 honor badges

Flortal Bug Bounty Program

Flortal runs a bug bounty program to ensure the highest security and privacy of its websites. Everyone is eligible to participate in the program subject to the below-mentioned conditions and requirements of Flortal

Open Bug Bounty performs triage and verification of the submissions. However, we never intervene to the further process of vulnerability remediation and disclosure between Flortal and researchers.

Bug bounty program allow private and public submissions.

Bug Bounty Scope

The following websites are within the scope of the program:

*.flortal.nl
*.uhrfrisch.de
*.viafc.de
*.flortal.de
*.flowerconnection.de

Non-Intrusive Submissions Handling

The following section encompasses submission of the vulnerabilities that do not require intrusive testing as per Open Bug Bounty rules:

- Cross Site Scripting (XSS)
- Open Redirect

- Cross Site Request Forgery (CSRF)
- Improper Access Control

General Requirements:

Please send us the URL of the affected site and also the payload you used.

Testing Requirements:

Please don't perform social engeneering attacks.

Possible Awards:

Since the project is not yet finished and we don't make any money with it, we can't give a reward. We would be grateful if you would still report any problems.

Community Rating

Provided by security researchers who reported security vulnerabilities via this bug bounty program:

 
Response Time  Information How quickly researchers get responses to their submissions.
Remediation Time  Information How quickly reported submissions are fixed.
Cooperation and Respect  Information How fairly and respectfully researchers are being treated.

Researcher's comments

No comments so far.

  Latest Patched

 22.01.2022 filetender.com
 22.01.2022 idokep.hu
 22.01.2022 mp4.ir
 21.01.2022 pagalguy.com
 21.01.2022 bb.com.br
 21.01.2022 fsd.barnsley.gov.uk
 20.01.2022 billboard.com
 20.01.2022 adriculous.me
 20.01.2022 atmc.edu.au

  Latest Blog Posts

11.11.2021 by mistry4592
The Most used Chrome Extensions are Used For Penetration Testing.
08.10.2021 by NNeuchi
How I Found My First Bug Reflected Xss On PIA.GOV.PH(Philippine Information Agency)
26.08.2021 by PyaePhyoThu98
eG Manager v7.1.2: Improper Access Control lead to Remote Code Execution (CVE-2020-8591)
14.07.2021 by Open Bug Bounty
Interview With Open Bug Bounty
25.05.2021 by 0xrocky
Google XSS Game

  Recent Recommendations

@greencj     20 January, 2022
    Twitter greencj:
Very helpful with some major security vulnerability on our site. Thank you.
@timone09901536     19 January, 2022
    Twitter timone09901536:
Thank you alaouianas for warnings about XSS failures on our websites. We have fixed it.
@redsys     12 January, 2022
    Twitter redsys:
Mr. Prajapati found an XSS issue on our website and reported it ethically and accurately to us. Following his hints, today we patched the issue. Thank you very much!
@smiteworks     11 January, 2022
    Twitter smiteworks:
Rajesh provided additional information to further strengthen our site. He is an asset to the online community.
@companymatchdvd     11 January, 2022
    Twitter companymatchdvd:
Thank you Ravi for reporting an XSS vulnerability on our website.