Open Bug Bounty selected among the
Top 5 Bug Bounty programs to watch
in 2021 by The Hacker News

For security researchers
Report a Vulnerability
Submit, help fixing, get kudos.
For website owners
Start a Bug Bounty
Run your bounty program for free.
1,100,345 coordinated disclosures
670,305 fixed vulnerabilities
1,437 bug bounty programs, 2,861 websites
25,192 researchers, 1,375 honor badges

Cyber_WorldTop-50 VIP Open Redirect Reporter Top Security Researcher of the Month Top VIP Security Researcher of the Month | Security Researcher Profile


Security researcher Cyber_World has already helped fix 34000 vulnerabilities.



Researcher reputation:  1500

Real name:
Praveen Yadav

Contact email:
[email protected]

Alternative Contacts:
[email protected]

Award / Bug Bounty I prefer:
i prefer bug bounty/swag/hof/vouchers
Paypal id - https://www.paypal.com/paypalme/pk12397

Recommendations and Acknowledgements

@FUMBBL     4 June, 2021
    Twitter FUMBBL Christer Kaivo-oja from FUMBBL:
Found a clickjacking vulnerability and sent a professional and clear vulnerability report. Thank you Praveen!
@BenKennish     26 May, 2021
    Twitter BenKennish Ben Kennish from -:
Helpful and polite. Thanks Praveen!
@philippejadin     14 May, 2021
    Twitter philippejadin Phiolippe Jadin from Agorakit:
Thank you for reporting an issue with the presentation website of the project and for the quick replies !
@jakeanders     8 April, 2021
    Twitter jakeanders Jake from NCO:
I am very grateful for alerting me to this vulnerability and the clear instructions provided to mitigate the risk. I am also grateful for the extremely rapid response when getting in touch for further details. Thank you.
@blasttheory     12 March, 2021
    Twitter blasttheory Michael from Blast Theory:
Thank you Praveen for reporting an issue with our website and helping to resolve this. Good work. Thanks again.
@CERT_rlp     1 March, 2021
    Twitter CERT_rlp CERT-rlp from CERT-rlp:
The team of CERT-rlp would like to thank Cyber_India for a responsible and coordinated disclosure of vulnerabilities.
@CERT_rlp     1 March, 2021
    Twitter CERT_rlp CERT-rlp from CERT-rlp:
The team of CERT-rlp would like to thank Cyber_World for a responsible and coordinated disclosure of information disclosure vulnerabilities
@ipoca_jp     24 February, 2021
    Twitter ipoca_jp developer from ipoca:
Thank you for reporting an open Website Security Issue and help us to fix it!
@ipoca_jp     24 February, 2021
    Twitter ipoca_jp developer from ipoca:
Thank you for reporting us about the Website Security Issue.
@poldish73     23 February, 2021
    Twitter poldish73 Sven from California:
Thank you for reporting a public accessible file and for the very helpful, fast and pleasant communication. Error was fixed in seconds.

Thank you very much.

Shows the first 10 recommendations. See all.

Please login via Twitter to add a recommendation

Honor Badges


Number of Secured Websites

10+ Secured Websites Badge
50+ Secured Websites Badge
500+ Secured Websites Badge
Web Security Veteran Badge
10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research

WAF Bypasser Badge
CSRF Master Badge
AppSec Logic Master Badge
Fastest Fix Badge
WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB Badge
OBB Advocate Badge
Improved OBB Badge
Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master Badge
Patch Guru Badge
Patch Lord Badge
Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

REPUTABLE Badge
FAMOUS Badge
GLOBALLY TRUSTED Badge
REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Distinguished Blog Author

Distinguished Blog Author Badge
Distinguished Blog Author Badge
Distinguished Blog Author Badge
1 Post
3 Posts
5+ Posts

Research Statistics



Total reports:55325
Total reports on VIP sites:513
Total patched vulnerabilities:34000
Total vulnerabilities on Hold (Open Bug Bounty):11787
Recommendations received:88
Active since:30.01.2021
Top Security Researcher Awards:Gold Star Top Security Researcher of the Month Gold Star Top Security Researcher of the Month Gold Star Top Security Researcher of the Month
Top VIP Security Researcher Awards: Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week

Open Bug Bounty Certificate


Researcher Certificate

Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions




No posts in blog yet










  Latest Patched

 19.10.2021 ulakbim.gov.tr
 19.10.2021 societe.com
 19.10.2021 tga.gov.au
 19.10.2021 mydomain.com
 19.10.2021 ipower.com
 19.10.2021 picuki.com
 19.10.2021 filmdaily.co
 19.10.2021 fileforum.com

  Latest Blog Posts

08.10.2021 by NNeuchi
How I Found My First Bug Reflected Xss On PIA.GOV.PH(Philippine Information Agency)
26.08.2021 by PyaePhyoThu98
eG Manager v7.1.2: Improper Access Control lead to Remote Code Execution (CVE-2020-8591)
14.07.2021 by Open Bug Bounty
Interview With Open Bug Bounty
25.05.2021 by 0xrocky
Google XSS Game
25.05.2021 by ShivanshMalik12
Testing for XSS (Cross Site Scripting)

  Recent Recommendations

@LangweileDich     20 October, 2021
    Twitter LangweileDich:
Thanks to Chiraq for informing me about data that was publicy accessible and how to fix it.
@sammy2000m     20 October, 2021
    Twitter sammy2000m:
Thanks to mistry4592
our team would like to thank you for finding vulnerability on our website.
@xnih     18 October, 2021
    Twitter xnih:
Thanks to mistry4592 for his report and extra feedback on the issue. He was quick to provide us a link to reproduce the issue when asked!
@AlexisMousset     18 October, 2021
    Twitter AlexisMousset:
Pramod has reported a potential vulnerability on our website.

Thank you!
@LangweileDich     15 October, 2021
    Twitter LangweileDich:
Thanks for letting me know of an abandoned file that needed to be deleted.