Coordinated and Responsible Vulnerability Disclosure Free Bug Bounty Program 328,405 coordinated disclosures
190,166 fixed vulnerabilities
405 bug bounties with 859 websites
9,193 researchers, 853 honor badges

AndreCalvinho Top Security Researcher of the Month Top VIP Security Researcher of the Month | Security Researcher Profile


Security researcher AndreCalvinho has already helped fix 7355 vulnerabilities.



Researcher reputation:  370

Real name:
André Calvinho

About me:
A security professional

How to contact me:
[email protected]

Experience in Application Security
3-5 years

Award / Bug Bounty I prefer:
Donations
Paypal: [email protected]
Bitcoin: 13WaUodj7xtPL3UkpUUDU9YQy6GYW8ki65
Recommendations

Recommendations and Acknowledgements | Full List:

    4 December, 2018
     owenborseth Owen from Porkbun LLC:
André found an XSS vulnerability on our site and let us know. He was great to work with and a friendly guy all around. Thanks!
    15 November, 2018
     corebox Jon from Corebox:
Andre found a vulnerability on one of our websites and responsibly reported it. Many thanks for letting us know.
    12 September, 2018
     NoelDeMartin Noel De Martin from MusicList:
André found a security problem we didn't think we could have. Thanks for helping keep the Internet secure!
    20 August, 2018
     n8manAfter Nathan from A Gift Inside:
Thanks for finding our XSS vulnerability and notifying us.
    11 May, 2018
     RikDhuyvetters Rik from The Reference:
André found an issue with the site we had also discovered. He handled this very correct.
Thank you, André.
    6 April, 2018
     ortic Remo from mesch:
Thanks to André for taking his time to find a security problem on a site of ours. The site is about to be shut down which he couldn't know, but he handled everything nice and smooth.
    5 April, 2018
     MSDistUK Dave from MSDistUK:
Thank you for notifying us of the vulnerability on our site, we were quickly able to put in place a fix based on the information that was provided. Thank you Andre.
    2 April, 2018
     klaussandrini Klaus from Mundo da Carabina:
André reported a vulnerability on our site enabling us to make the necessary corrections to keep our system secure. We appreciate him attention in quickly clarifying the issues and help to fixed it quickly.
    26 March, 2018
     piecemobile EMERIC from SARL CHANTA:
Thanks for reporting this issue , as we fix this issue very fast
    26 March, 2018
     Nazin001 Piotr from GameExe:
Thank you a lot for helping identifying the security issues.
    22 March, 2018
     bajecolesterol abc from abajarcolesterol.com:
Thank you very much for your help, Andre. Great job!
    21 March, 2018
     laci27 George from -:
Andre did an excellent job finding the bug on our site and was very professional about it. Highly recommended!
    21 March, 2018
     SWeathercamp Sietse from Eagerly:
Thanks André for pointing out the vulnerability and giving us the opportunity to fix it!
    20 March, 2018
     tkalve Thomas Kalve from Peanuts AS:
Thanks to André we were made aware of a security issue on a clients website and were able to identify and fix it quickly.
    19 March, 2018
     codingstyle Chris Buguet from Cinemur:
Thanks to André for making our website safer by reporting an XSS vulnerability, and for his numerous contributions on Open Bug Bounty. He makes the Internet a better place!
    13 March, 2018
     LaLorelayn LauraB from Hamburg, Germany:
After André informed us about an XSS vulnerability on our website, we were able to identify the issue (with the help of his explanations) and fixed it quickly. We thank him very much for that!
    23 February, 2018
     chaankman Marcus from Germany:
André reported an exploit and helped finding a solution. we thank him very much for that!
    10 January, 2018
     scrivna Ross from NA:
Thanks for reporting this issue responsibly, we were able to fix this XSS issue quickly.
    8 January, 2018
     arthurebel Arthur EBEL from UTT:
Thank you for taking part in the security of our site by identifying an XSS Fault and explaining to us exactly where it was
    7 January, 2018
     MegaEscort Rob Rob from Megaescort:
Thank you Andre, you helped me finding a mad XSS error.

Great work!!!
    4 January, 2018
     criticalthinks Nile from CriticalThinking.com:
Thank you Andre! He helped us identify an XSS vulnerability.
    4 January, 2018
     tribulant Antonie from Tribulant Software:
Thanks Andre! He found an XSS exploit and reported it to us and we fixed it.
    4 January, 2018
     SebastianKurski Sebastian Kurski from freelancer:
Andre informed as about XSS vulnerability. He explained exactly where the problem is. Information from Andre helped us fix the issue. People like him, devoting their free time, make the internet safer. Thanks Andre! Perseverance in further work!
    4 January, 2018
     hiandras hiandras from hunet:
Thanks for Andres's report, we found and fixed the vulnerability.
    3 January, 2018
     blog4ever Pascal M from Blog4ever:
André found a XSS vulnerability and kindly explained us where it was and why it was dangerous. Thank you André !
    3 January, 2018
     Moose3Josh Josh from Las Vegas:
André was very kind in disclosing an XSS bug affecting an old web site of mine. He provided examples to help me reproduce and fix the issue. Thank you very much!
    3 January, 2018
     Pandaa1235 Ryan from Armor:
Andre was super helpful and quick in response when helping with an XSS vulnerability on one of our websites. We appreciate the help Andre, and your proactive demeanor.
    3 January, 2018
     jcb123 Jon from TCC:
Thanks for the notice. It was great feedback.
    3 January, 2018
     NKokiska Nishkam from Kokiska:
Thank you very much for your help, Andre! We've found and fixed the XSS trouble at our website due to your advice.
    13 December, 2017
     zfinsys Systems from ZFIN:
Thank you, Andre. Your notification of the XSS vulnerability helped us plug that hole quickly. Keep up the good work.
    8 December, 2017
     AIT39778017 Jerry from AIT:
Thank you very much Andre! Thanks to him we were able to fix some XSS vulnerability we were not aware of. Communication was instant and with every needed details. Very professional attitude.
    14 November, 2017
     microtome Thomas from PergiKuliner:
Thanks a lot Andre! I've taken it too lightly and slipped, I'm glad it's him who found it out first and post it here. It could be harmful, but Andre's approach is really positive. This inspire me to build better sites and help others developer to secure more internet user. Keep it up, Andre!
    23 October, 2017
     fabien_zimmer Fabien Zimmer from Myne:
Let's begin with a big thanks of course. Andre provided me with some handy feedback and solutions. Pro-active attitude much appreciated.

Please login via Twitter to add a recommendation

Awards and Achievements


Number of Secured Websites

10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research

WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Blog Author

1 Post
3 Posts
5+ Posts

Research Statistics



Total reports:29582
Total reports on VIP sites:317
Total patched vulnerabilities:7355
Total vulnerabilities on Hold (Open Bug Bounty):4933
Recommendations received:33
Active since:30.09.2017
Top Security Researcher Awards: Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month
Top VIP Security Researcher Awards: Top VIP Security Researcher of the Month Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week

Open Bug Bounty Certificate





No posts in blog yet


Reported Vulnerabilities

All Submissions VIP Submissions

Domain Reported Status Type
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting
21.03.2019
On Hold
Cross Site Scripting

  Latest Patched

 22.03.2019 livestream.com
 21.03.2019 vuetifyjs.com
 21.03.2019 365psd.com
 21.03.2019 ecartelera.com
 21.03.2019 bergfex.at
 20.03.2019 billabong.com
 20.03.2019 gcu.ac.uk
 20.03.2019 condos.ca
 20.03.2019 yesmovies.gg
 20.03.2019 gold.de

  Latest Blog Posts

19.03.2019 by Open Bug Bounty
GDPR PII exposure can now be securely reported via Open Bug Bounty
24.02.2019 by ismailtsdln
Apple XSS Vulnerability - Proof of Concept (PoC)
24.02.2019 by ismailtsdln
How do you use an xss as a keylogger ?
23.02.2019 by ismailtsdln
Everything about XSS is in this source!
20.02.2019 by drok3r
ModSecurity - ByPass XSS

  Recent Recommendations

    22 March, 2019
     jcfmachado:
Thank you for your time and notification.
    19 March, 2019
     rogerdc01:
Ezio has helped me with a vulnerability. Answered very fast after some questions and showed the way to examine the issue. Very professional!
    19 March, 2019
     interactmultim1:
Thank you k0t for reporting this bug. We appreciate your work!
    19 March, 2019
     CoreInstance:
Armin, vielen Dank für deine professionelle Unterstützung! Dank deiner Hilfe, konnten wir die Schwachstelle bei unserem Kunden direkt beheben.
    18 March, 2019
     ArnY:
Un grand merci pour votre aide. Suite à votre retour rapide et précis la faille a été corrigée rapidement par nos équipes.