OpenBugBounty.org > Bug Bounty List > Online Commerce Ltd Bug Bounty Program

Online Commerce Ltd Bug Bounty Program

Online Commerce Ltd runs a bug bounty program to ensure the highest security and privacy of its websites. Everyone is eligible to participate in the program subject to the below-mentioned conditions and requirements of Online Commerce Ltd

Open Bug Bounty performs triage and verification of the submissions. However, we never intervene to the further process of vulnerability remediation and disclosure between Online Commerce Ltd and researchers.

Bug bounty program allow private and public submissions.

Bug Bounty Scope

The following websites are within the scope of the program:

base.com

Non-Intrusive Submissions Handling

The following section encompasses submission of the vulnerabilities that do not require intrusive testing as per Open Bug Bounty rules:

- Cross Site Scripting (XSS)
- Open Redirect

- Cross Site Request Forgery (CSRF)
- Improper Access Control

General Requirements:

All kind of issues can be reported

Testing Requirements:

Vulnerabilities should be verified as authentic, and not simply automated results of pen-tests

Possible Awards:

Recommendation/acknowledgement in researchers profile.

Other Submissions Handling

Website owner want to receive information about other vulnerabilities

Notifications:

Please send us an email to [email protected]

General Requirements:

All kind of issues can be reported

Testing Requirements:

Vulnerabilities should be verified as authentic, and not simply automated results of pen-tests

Possible Awards:

Recommendation/acknowledgement in researchers profile.

Community Rating

Provided by security researchers who reported security vulnerabilities via this bug bounty program:

Researcher's comments

No comments so far.

Latest Patched

Recent Recommendations

6 April, 2020

chris05634528:

Jatin understood the importance of moving quickly and with discretion. He waited to until he found the right group to submit the details and provided easy-to-understand details.

As a result we have remediated the problem and have Jatin to thank.

5 April, 2020

christophmoar:

Cool and professional contact, quick response, I appreciate your effort.
Thanks!

3 April, 2020

KenDennis:

Brian helped to identify an XSS Vuln on a client's wordpress implementation and was quick and helpful to respond to our query. With his notes, we were able to quickly mitigate this issue and we appreciate his help and professionalism.

2 April, 2020

EmanuelePisapia:

I have really appreciated this researcher for his great skill and communication. He found a cross site scripting vulnerability on our service and help us fixing it. I recommend Broly157. He's a A++ researcher

31 March, 2020

reinisroz:

Thanks much, anguhari, for providing detailed information about XSS bug, found on our website. Highly recommended and professional security researcher!

Twitter Login		HOW IT WORKS Download presentation and learn how our service works PDF, 1MB
Report a Vulnerability
Browse Bug Bounty Programs
Write a Blog Post
Ask a Question

Start a Bug Bounty		HOW IT WORKS Download presentation and learn how our service works PDF, 1MB
Ask a Question
API


Response Time How quickly researchers get responses to their submissions.
Remediation Time How quickly reported submissions are fixed.
Cooperation and Respect How fairly and respectfully researchers are being treated.