Coordinated and Responsible Vulnerability Disclosure Free Bug Bounty Program 339,309 coordinated disclosures
195,603 fixed vulnerabilities
456 bug bounties with 928 websites
9,585 researchers, 870 honor badges

Wirth & Horn Bug Bounty Program

Wirth & Horn runs a bug bounty program to ensure the highest security and privacy of its websites. Everyone is eligible to participate in the program subject to the below-mentioned conditions and requirements of Wirth & Horn

Open Bug Bounty performs triage and verification of the submissions. However, we never intervene to the further process of vulnerability remediation and disclosure between Wirth & Horn and researchers.

Bug bounty program allow all submissions.

Bug Bounty Scope

The following websites are within the scope of the program:

behrs.de
hase-und-igel.de
loewe-verlag.de
europa-lehrmittel.de
ht-go.de
handwerk-technik.de
junfermann.de
waldorfbuch.de
dorlingkindersley.de
klett-sprachen.es
klett-usa.com
derdiedaf.com
klinkhardtundbiermann.de
hirmerverlag.de
tvz-verlag.ch
kunstmann.de
merkur-verlag.de
rundel.de
korsch-verlag.de
lindeverlag.at
international.klett-sprachen.de
dtv.de
klett-sprachen.de

Non-Intrusive Submissions Handling

The following section encompasses submission of the vulnerabilities that do not require intrusive testing as per Open Bug Bounty rules:

- Cross Site Scripting (XSS)
- Open Redirect

- Cross Site Request Forgery (CSRF)
- Improper Access Control

General Requirements:

No general requirements

Testing Requirements:

No testing requirements

Possible Awards:

No possible awards

Community Rating

Provided by security researchers who reported security vulnerabilities via this bug bounty program:

 
Response Time  How quickly researchers get responses to their submissions.
Remediation Time  How quickly reported submissions are fixed.
Cooperation and Respect  How fairly and respectfully researchers are being treated.

  Latest Patched

 18.04.2019 translit.net
 18.04.2019 inderscience.com
 18.04.2019 gocar.gr
 18.04.2019 varzesh11.com
 18.04.2019 techypctools.info
 18.04.2019 2ch.live
 18.04.2019 guatemala.com
 18.04.2019 crossref.org
 17.04.2019 mzitu.com
 17.04.2019 manilatimes.net

  Latest Blog Posts

04.04.2019 by Gh05tPT
XSS alert() variants
03.04.2019 by ismailtsdln
PHP Security Check List [ EN ]
02.04.2019 by Open Bug Bounty
API for bug bounty owners
02.04.2019 by MiguelSantareno
Google Dorks to find open redirects:
02.04.2019 by MiguelSantareno
Cross Site Script angular payloads:

  Recent Recommendations

    18 April, 2019
     myparadisio:
Thanks k0t, for pointed out two XSS vulnerabilities on our website!
Your input was very much appreciated!
    17 April, 2019
     rhyswynne:
acelakshitverma helped identify a bug on my hobby site and fixed it. Thanks!
    16 April, 2019
     Danny76084307:
Hallo Armin,
vielen Dank für Deinen Einsatz!
Durch deinen Hinweis konnten wir zwei Lücken schließen.
Schöne Grüße
Danny
    15 April, 2019
     matthias_lueck:
Felipe found a vulnerability in our website , which we were able to fix with Felipes detailed report. He was very responsive and professional. Highly recommended!
Thank you very much Felipe!
    15 April, 2019
     watergateweb:
Another XSS vulnerability found, thanks a lot!