Infosec Institute

Open Bug Bounty mentioned in the
Top 6 Bug Bounty programs of
2022 by the InfoSec Institute

The Hacker News

Open Bug Bounty named among the
Top 5 Bug Bounty programs of 2021
by The Hacker News

Platform update: please use our new authentication mechanism to securely use the Open Bug Bounty Platform.
For security researchers
Report a Vulnerability
Submit, help fixing, get kudos.
For website owners
Start a Bug Bounty
Run your bounty program for free.
 1,705,137 coordinated disclosures
1,383,652 fixed vulnerabilities
1,993 bug bounty programs, 3,924 websites
47,129 researchers, 1,652 honor badges

OpenBugBounty.org > Bug Bounty List > Traderlink S.r.l. Bug Bounty Program

Traderlink S.r.l. Bug Bounty Program

Traderlink S.r.l. runs a bug bounty program to ensure the highest security and privacy of its websites. Everyone is eligible to participate in the program subject to the below-mentioned conditions and requirements of Traderlink S.r.l.

Open Bug Bounty performs triage and verification of the submissions. However, we never intervene to the further process of vulnerability remediation and disclosure between Traderlink S.r.l. and researchers.

Bug bounty program allow private submissions only.

Bug Bounty Scope

The following websites are within the scope of the program:

*.thefinance.it
*.youfinance.it
traderlink.com
*.traderlink.com
traderlink.it
*.traderlink.it

Non-Intrusive Submissions Handling

The following section encompasses submission of the vulnerabilities that do not require intrusive testing as per Open Bug Bounty rules:

- Cross Site Scripting (XSS)
- Open Redirect

- Cross Site Request Forgery (CSRF)
- Improper Access Control

General Requirements:

- always send a working PoC with CVSS score
- attach screenshots
- provide brief remediation guidelines

Testing Requirements:

- restriction to use vulnerability scanners
- don’t test during weekdays
- don’t perform social engineering attacks

Possible Awards:

No possible awards

Special Notes:

- you ask to not disclose or discuss any found vulnerabilities anywhere

Other Submissions Handling

Website owner want to receive information about other vulnerabilities

Notifications:

[email protected]

PGP Key:

Show key

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBGTH0igBEADVwscTOWZUbpoNkM9nT7or65i0fyaM22KHZ1W4x3KkWBxilAdT
UtTU/tp6nDWk2LtmgwKrTY83TFCjBF9fVWe1+vFMnwX9w+FCOF07Dmbz1SphjznH
5f5pkte31+gnIRLUUncHJkoZOiOmmBm87gWefXMf77AST1f5sL50RZYI3qimh4gF
QqD1dBCzwsCmn7FqCQz7d5h5G+Phk1RuWfHSBGhE3XhvnwX/jiTiR2UZ3Aakg5UA
PL2S4UnCAmMmghwEKhnuwkCJru45oU3VE2v55v5Qd9IixjYrJUEkv7a9xOvf+cCZ
RBAmPLlVd2+TfCJRAlYsf/dhENAxvkxtL0eu4VPcH5XoLT8aroa18CEJezr6jAwr
4fpA3y2BWByaFp5XLgBx/PYM/4gYue5nhp6cJQeTL/Y9ZQEbwC8LoGdWNJJ+3wAb
tU/yC4FCybaq1IkViM5IrXeLg33LTwLU1v6DYtbHpL/NBDoWUIo6dC/QKBSk/T4P
2O21+X0isn7FjYhpjXJKoB+1zy6XnpGwnf21dqaNd6Gv840IFmSwfOxiQiWPKIBK
a8PkiGIFVVLkvWjRUXOrPA2r+cLLq5swPVj8gb67MAQ9LV3G2ATj0w4dXF6rRKoG
wZpkxUfMdqaOoa7F105+k+E57/2XssbEbDZX4WyS6XrQnm2Cg/w9MzstpQARAQAB
tCxUcmFkZXJsaW5rIFNlY3VyaXR5IDxzZWN1cml0eUB0cmFkZXJsaW5rLml0PokC
VAQTAQoAPhYhBDxPjEEWeWudSVUYxGWinQ/y4SVuBQJkx9IoAhsDBQkSzAMABQsJ
CAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEGWinQ/y4SVuXTIP/jbjA46mNJmhIX+B
VgoBGuvBgDNiaLEEgTwR8dkar8JyU1wuFRlB/CZ+wBY3E5MgnwN8S27rXyG2xdSL
X35EKXDMXWyuIZ26XcKEIe1hM6LTVvyW6Cl/3zLKHkR/1gMjgivW54uHYfSU2iIi
nVsdMYAHouXA7Xcaedbe14rXnECK9wUL8dTUYYqNLrrH83D8JzPJYEjvCcp5RH1C
wMY4kJk1+J6jzpJms3d9JjqtCu4FXqgNdeCdEsZptmBhxnAdY8Ll8RKw2R3IWjgo
9C7+j8AZQytrN4YY2jWqb9L8w34Sse1OH/8bp74PCzczuA3avKoI/N3klap2e4mN
lEhWdD+2vgnV+ew7OYcWqxShRVWyLT1l/WtKrRpjSYiHxyhesLHHD0SK1pK+VGIU
wmxc8pcuuCkiDxg1zt8KFjNU36ATSfbNt92HdxxoWVGebSgjouf13KSMbnUTtszh
4NaoDp5JJZfQwTnRdoMNqZktQjPkfUohrwxVztftU+zdOYUSR+RChWrcUT162vTJ
dErJryIKR99IrTevgwPQmotvgQWs8owvYTUhGZUXAYZHCjzlNK7FsC6mMRhfLZ3Q
5cBmYH3DTaDeL9EglWn52RsG3X/IvVUXREf61Q4eqiFhx7QhJ42Ot/cPBcaG+AI8
nHbUIv8qJnjjZMXUIkJdDTDNTvP7uQINBGTH0igBEADOoGsRr16L0mqtZuDWjB4z
EmHbQVFjKM4haR07f3YBKLb9i+KaUNktp6ai4stajFliffFMLIRfeXkOyXGNsEvb
PomGPxbSsjeLqd5eDbPmB8/uta3g2z5cBQ5ZYrMp2mJy8R6apQQx4lGEkhpbBCAp
SwbSc7rK9HatT1zOveWeTo/IFFVcP8hVJ0SWR0Ol0b5NBHN0AZS1X7wr/BTTQTmk
Px1RL2mY+jZuqcFgoSxCdIObxuuY+07+tJT09D7LHARFn4lIvcpDlgiFzu9jFFyW
41m1qDAT80yHHwkB6GQPQkILwzrIgeVXtsTEe10bXbNdm3XRe5OdXDQodHdM+cQb
uF1mJ7m7rvmkb5C/kUaOCDp51MR+FCgZyuJG7NPylyb0ny1nrDctEd4zX4uTn+27
gJQ2EanhGb/ewMAnMv4w/hnwqIb3wNgBNLj4cCSbIcICc2Mg8VFukHZC3oTVfeBB
WNpsYhv4Wp/9I9xU7deP85yHnSA/iKu2b+l7/yspHcqJHx4Ez2KUiGzX1NKoQxJB
o59L2ngQhu7oPTo/VLW6t93Mn2FgYOOOWAJRVEpL0oxhGieDbDA4wwmyNhACXdaj
c6GKOh+7u1H+NFzXVUZWD6VbNuY7YxgO2gW7o+RpseL39bky3dLcdOkZ651a0VEu
R7C45+KW/Bq+GgbV/UCdvwARAQABiQI8BBgBCgAmFiEEPE+MQRZ5a51JVRjEZaKd
D/LhJW4FAmTH0igCGwwFCRLMAwAACgkQZaKdD/LhJW4jhBAAx8K7KBAGuFnymd2i
D4/X0UIStWzpp69P49hPyQ9RGCnlNMU4b9cycdzO0Wma5oFeLcbmQo0hUR91L5KD
kKnY7j6i/VfYqibGYhCrkqu+1HJ7aRCl7tVhjTi6Mi7XQa/lXZLXeahCbEeJRDeA
VUuj8wp0c2QhLfI72kbidCiHTh6LTS+JboAc3oWlsWbLitxIkGJRklQ+98izaD8m
a/Rviibmhy1o6K6qnyAHaft13BRF67p0OEQbwLmQRb1hVLg68RxjPN/NtNoPR3RH
W3I3NKDy/FD6LjBBxur/PnU0PWTWOzUsTrvRyihyqem2jn7yLnGUfR1XBPggfXI3
82yfxpnI6sPaVpEbC2rAVfjgrt4M2wqUTdGsY95roolkCCZTquqra/SYnKd9DA62
SsQoariR6mGNSp9uRghj97hUeFgJo0IQWfZAd5xu7bwP7Zl7cKpBrnS6XfkAvDRK
vj8Zuq0ajcHoOiHLSqY6gqvnnUda2Kvui2qv13Et756z2eKLD1GkD7xRt7RtHe4H
0qtANSjzPauWD9D+augeamtR+R9azG/ZuP65UwRGxrliWCfHgEdRt5LUsRDhLWeW
UZ61DXjRSO8iF5CJlffbmVm2XSDWtGvuaO+bqu92YqVinjTI6NhfTrjzVSK3MudM
7Uq2f8Vm7gscP8+PQqtN29An4Y4=
=LaoG
-----END PGP PUBLIC KEY BLOCK-----

General Requirements:

- always send a working PoC with CVSS score
- attach screenshots
- provide brief remediation guidelines

Testing Requirements:

- restriction to use vulnerability scanners
- don’t test during weekdays
- don’t perform social engineering attacks

Possible Awards:

- there is no reward

Special Notes:

- you ask to not disclose or discuss any found vulnerabilities anywhere

Community Rating

Provided by security researchers who reported security vulnerabilities via this bug bounty program:

 
Response Time  Information How quickly researchers get responses to their submissions.
Remediation Time  Information How quickly reported submissions are fixed.
Cooperation and Respect  Information How fairly and respectfully researchers are being treated.

Researcher's comments

No comments so far.

  Latest Patched

 28.04.2024 pedralva.mg.gov.br
 28.04.2024 novaubirata.mt.gov.br
 28.04.2024 meteorologia...civil.gov.co
 28.04.2024 thurrock.gov.uk
 28.04.2024 yalnizmp3.ws
 28.04.2024 vtc.gov.tw
 28.04.2024 grintie.psyed.edu.es
 28.04.2024 jxfy.gov.cn
 28.04.2024 preproduccio...ratos.gov.co
 27.04.2024 agris.doa.gov.my

  Latest Blog Posts

04.12.2023 by BAx99x
Unmasking the Power of Cross-Site Scripting (XSS): Types, Exploitation, Detection, and Tools
04.12.2023 by a13h1_
$1120: ATO Bug in Twitter’s
04.12.2023 by ClumsyLulz
How I found a Zero Day in W3 Schools
04.12.2023 by 24bkdoor
Hack the Web like a Pirate: Identifying Vulnerabilities with Style
04.12.2023 by 24bkdoor
Navigating the Bounty Seas with Open Bug Bounty

  Recent Recommendations

    22 April, 2024
    genoverband:
Thank you for your invaluable help in ensuring the security of our domain and its visitors!
    10 April, 2024
    Mars:
Hatim uncovered a XSS bug that we were able to quickly resolve. Thanks very much for your assistance and help.
    8 April, 2024
    Panthermedia:
Thanks to the support of Hatim Chabik, we were able to identify and solve an XSS bug.
    5 April, 2024
    pubpharm:
Pooja found a XSS vulnerability on our website and provided us with the needed Information for replication and fixing the issue. Which she verified afterwards.
We thank her for the reporting and assistance.
    2 April, 2024
    genoverband:
Thank you for your invaluable help in ensuring the security of our domain and its visitors!
Making Web a Safer Place
Coordinated & Responsible Disclosure
Based on ISO 29147 Guidelines

2023 © OpenBugBounty
  • Follow us