Open Bug Bounty selected among the
Top 5 Bug Bounty programs to watch
in 2021 by The Hacker News

For security researchers
Report a Vulnerability
Submit, help fixing, get kudos.
For website owners
Start a Bug Bounty
Run your bounty program for free.
940,889 coordinated disclosures
563,505 fixed vulnerabilities
1306 bug bounties with 2,609 websites
22,373 researchers, 1296 honor badges

Cyber_WorldTop-50 VIP Open Redirect Reporter Top Security Researcher of the Month Top VIP Security Researcher of the Month | Security Researcher Profile


Security researcher Cyber_World has already helped fix 16352 vulnerabilities.



Researcher reputation:  1440

Real name:
Praveen Yadav

Contact email:
[email protected]

Alternative Contacts:
[email protected]

Award / Bug Bounty I prefer:
i prefer bug bounty/swag/hof/vouchers
Paypal id - https://www.paypal.me/pk12397

Recommendations and Acknowledgements | Full List:

@blasttheory     12 March, 2021
    Twitter blasttheory Michael from Blast Theory:
Thank you Praveen for reporting an issue with our website and helping to resolve this. Good work. Thanks again.
@CERT_rlp     1 March, 2021
    Twitter CERT_rlp CERT-rlp from CERT-rlp:
The team of CERT-rlp would like to thank Cyber_India for a responsible and coordinated disclosure of vulnerabilities.
@CERT_rlp     1 March, 2021
    Twitter CERT_rlp CERT-rlp from CERT-rlp:
The team of CERT-rlp would like to thank Cyber_World for a responsible and coordinated disclosure of information disclosure vulnerabilities
@ipoca_jp     24 February, 2021
    Twitter ipoca_jp developer from ipoca:
Thank you for reporting an open Website Security Issue and help us to fix it!
@ipoca_jp     24 February, 2021
    Twitter ipoca_jp developer from ipoca:
Thank you for reporting us about the Website Security Issue.
@poldish73     23 February, 2021
    Twitter poldish73 Sven from California:
Thank you for reporting a public accessible file and for the very helpful, fast and pleasant communication. Error was fixed in seconds.

Thank you very much.
@alex_ermer     22 February, 2021
    Twitter alex_ermer Alex from Clanintern:
Thanks for reporting my issues!
@moliv3     21 February, 2021
    Twitter moliv3 Olivier from Girondel:
Thanks Praveen for finding a disclosure issue !
@class502     20 February, 2021
    Twitter class502 Robert from Friends of the 502 Group:
Thank you for reporting an issue with our website and assisting us with a fix for the vulnerability.
@demmojo     20 February, 2021
    Twitter demmojo Mohamed from Blok-Z:
We are grateful for the vulnerability report that you shared with us! Also, amazing response time!
@axelhooge     19 February, 2021
    Twitter axelhooge Axel from JBAG:
Thank you very much for your nice help and for reporting the beginner mistake to us :-)
@Helping_Biz     16 February, 2021
    Twitter Helping_Biz Nardo from U-C WEBS:
Thank you for pointing out that long forgotten vulnerable file on one of our servers. But it's gone now. :-)
@NukeJay     16 February, 2021
    Twitter NukeJay Jack from Printing Service:
Brought to our attention some security issues. Fast and clear communication! Can recommend!
@DeputyVice     12 February, 2021
    Twitter DeputyVice Andrew Cartwright from NeuRA:
Many thanks to Cyber_World for identifying a git issue with our site and helping us to resolve it without delay.
@shamusr001     10 February, 2021
    Twitter shamusr001 Shannon Ribbons from Osis Design:
Praveen helped locate and define a vulnerability in my WordPress install, I recommend his skills.
@fadlerQA     10 February, 2021
    Twitter fadlerQA Frank from meinestadt:
Thank you for reporting an issue and for the helpful communication.
@LordSeru     10 February, 2021
    Twitter LordSeru Sebastian Braune from TUCed GmbH:
Thank you for reporting a vulnerability on our site.
Due to your detailed report, we could close it within minutes.
@WiiDatabase     10 February, 2021
    Twitter WiiDatabase Andreas from WiiDatabase:
Thank you for reporting an open XMLRPC to us!
@portentandy     8 February, 2021
    Twitter portentandy Andy from Portent:
Thanks for pointing out our XMLRPC vulnerability!
@thibaudmaes     8 February, 2021
    Twitter thibaudmaes Thibaud from NSI:
Cyber_World informed us about a security issue on a website. Thanks to him, it's more secure now!
@ytrls     8 February, 2021
    Twitter ytrls David from YTRL:
Thank you very much for pointing out the XMLRPC vulnerability!
@ChuckieAJ     7 February, 2021
    Twitter ChuckieAJ AndyT from Trucklesoft:
Brought to my attention some security issues. Now resolved. Good communication.Recommended!
@williamtm     6 February, 2021
    Twitter williamtm Will from Chase Trails:
Thanks to Praveen for reporting a potential security issue with our site - a public xmlrpc & json REST API.
@unsinn_s21     5 February, 2021
    Twitter unsinn_s21 Florian from VN:
helped to close a not used api in wordpress, quick and fast respond.
Good luck to you and greetings from Germany.
@IvanVazov5     5 February, 2021
    Twitter IvanVazov5 Webmaster from SPNS:
A big thank you to Praveen for finding and disclosing an XML-RPC Vulnerability on our website. He came back to us in minutes and was very helpful.
@fineststudios     4 February, 2021
    Twitter fineststudios Mike from Inv:
Thanks for pointing out a public phpinfo() on our website.
@ztobi     4 February, 2021
    Twitter ztobi ztobi from none:
Thanks for pointing our our public XML-RPC. Very fast contact
@0tt3rL1k3     3 February, 2021
    Twitter 0tt3rL1k3 Andreas from KV Trier-Saarburg:
Thank You for the reporting and help to fix the issus. Stay Save! Greetings from Germany
@SDCDF5     2 February, 2021
    Twitter SDCDF5 Charles from Cincinnati:
Many thanks for the report and recommendation! Merci beaucoup pour l'alerte et les explications !
@kledoux     2 February, 2021
    Twitter kledoux kledoux from kledoux:
Thank you for reporting a security issue on our site, and for being so detailed and responsive!
@dannythemonk     2 February, 2021
    Twitter dannythemonk Danny :
Thank you very much for your information and help. (XML-RPC API Wordpress) Regards..
@Anjuli     1 February, 2021
    Twitter Anjuli Webmaster from Stiftung trias:
Thanks for point out a public phpinfo(). Very fast contact.
@ZerosGaming     1 February, 2021
    Twitter ZerosGaming Fabian :
Thank you for your notification and quick follow up. Good luck with your OSCP, I know what it takes to get it.
@cyber_pramod     1 February, 2021
    Twitter cyber_pramod Matthu from Upwork:
Very kind and polite. reported very quickly and also helped in fixing bug. Best wishes from UK
@igucci     23 January, 2021
    Twitter igucci igucci from iwsec:
Thank you for the notification and quick & polite response.
Keep up the great work!
@dtestitall     22 January, 2021
    Twitter dtestitall randomthing4ev1 from Name witheld:
Thank you for finding the information disclosure vulnerability! Praveen was very responsive!
@Azatotht     21 January, 2021
    Twitter Azatotht Sylvain from Quebec Amerique:
Thanks for pointing out a public phpinfo() on our website. A++
@milano24ore     21 January, 2021
    Twitter milano24ore Olaf from milano24ore:
Thank you for your tip for finding a vulnerability on the website. Very quick reply.
@yuhiguchi1     20 January, 2021
    Twitter yuhiguchi1 yu-higuchi from ctc:
We appliciate your help with the vulnerability.
The response to inquiries was quick, which was very helpful.
@anTon_x3     20 January, 2021
    Twitter anTon_x3 anTon_X3 :
Thank you for finding security issues on my website! keep it up!
@rantoniazzi     19 January, 2021
    Twitter rantoniazzi Roberto Antoniazzi from Centro per la Cooperazione Internazionale:
Thanks for pointing out a public phpinfo(). Very fast contact.
@driesvanhaver     19 January, 2021
    Twitter driesvanhaver Dries from not disclosed:
We were informed of a vulnerability. Thank you to Praveen for telling us it existed.
@snowdarkz     19 January, 2021
    Twitter snowdarkz Quanruthai from not disclosed:
Thank you very much for the help with the vulnerability. Very fast contact.
@wandelzoek     18 January, 2021
    Twitter wandelzoek Wandelzoekpagina from Wandelzoekpagina:
Thanks for finding a vulnerability on the website. Thanks to your tip, I could repair the issue and keep the website safe
@eduardo_sales     17 January, 2021
    Twitter eduardo_sales Eduardo Sales from Papo de Gordo:
Praveen was very helpful in providing information about a security issue in our site. With his help, we were able to correct eveything and keep our site safe.
@mhmitu     15 January, 2021
    Twitter mhmitu Mihai from Engie:
Hi Praveen,
Thanks for the help with the vulnerability. Very fast and friendly contact.
@SilensStudio     14 January, 2021
    Twitter SilensStudio Simon from PlayDay:
Thank you very much for informing us about our access vulnerability! The world needs more good guys like you! A+!
@mailtest15     13 January, 2021
    Twitter mailtest15 mailtest from mailtest:
Thanks for the help with the vulnerability. Friendly and fast contact
@thailandunique     13 January, 2021
    Twitter thailandunique Lee from Thailand Unique:
Thank you very much for bringing a website vulnerability to my attention.
@Eginity     12 January, 2021
    Twitter Eginity Scott from Eginity:
Thanks for pointing out a public phpinfo();
@nixonson4     6 January, 2021
    Twitter nixonson4 nixonson from LOOM:
Very fast response, provided us with all the detailes. Keep up the good work!
@SewSimpleBags     5 January, 2021
    Twitter SewSimpleBags Deb from not disclosed:
We were informed of a vulnerability via this site. Thank you to Praveen for telling us it existed.
@feuerwehr_lich     5 January, 2021
    Twitter feuerwehr_lich Marc from Feuerwehr Lich:
Helped us identifing a not needed file which privided information about underlying system. Thank you for your Work!
@PingPlotter     4 January, 2021
    Twitter PingPlotter Nate from Pingman Tools:
Thanks a ton for finding a security vulnerability on our site. You definitely have our recommendation.
@_holzmann     4 January, 2021
    Twitter _holzmann Philip from Heimspiel:
Many thanks for finding a public "phpinfo();"
@KabarettN     3 January, 2021
    Twitter KabarettN KabarettN from Kabarett-News:
Cyber_World was very courteous and provided the information needed to solve the problem very quickly. Your work is much appreciated, sir!
@KabarettN     2 January, 2021
    Twitter KabarettN KabarettN from Kabarett-News:
Cyber_World was very courteous and provided the information needed to solve the problem very quickly. Your work is much appreciated, sir!
@Technologywibe     29 December, 2020
    Twitter Technologywibe Jake from Techwibe:
Helped us to find the issue and our devs was able to fix it. Thanks for your fast replies and reporting the issue.
@nglCasanova     29 December, 2020
    Twitter nglCasanova Angel :
Praveen reported a minor security issue and we could fix it immediately. Thanks a lot for letting us know!
@Teaviews     24 December, 2020
    Twitter Teaviews SFINGLE from CB:
Very quick communication and very helpful. Thank you and have a great year!
@JVos63     24 December, 2020
    Twitter JVos63 Jürgen Voskuhl from itcv GmbH:
Kurze Reaktionszeit, klare Hinweise auf die Probleme. Deshalb meine Empfehlung & ein dickes Dankeschön!
@spinetraknet     22 December, 2020
    Twitter spinetraknet Renzo from hsk1830.de:
very quick response helped us fix the issue very quickly
@SaurosVerlag     21 December, 2020
    Twitter SaurosVerlag Sebastian from Sauros Verlag:
Thank you very much for your help. And to let us know how we keep our website safe. Good job!
@JoJoFunParties     21 December, 2020
    Twitter JoJoFunParties Andy Wood from JoJoFun:
Praveen found a PHP file on our site that posed a security risk and generously informed us by email. The file has since been removed. Thanks so much!
@hair_xtensions     20 December, 2020
    Twitter hair_xtensions Pete from Hairx:
Thanks for showing us we had a vulnerability in our files, most appreciated!
@kayopepe1     18 December, 2020
    Twitter kayopepe1 Sascha :
Thanks for reporting the issue!
@PressBahn     17 December, 2020
    Twitter PressBahn Armin from Preßnitztalbahn:
Thank you for the report, which we were not aware of and which we were able to fix in a few moments. A big help!
@teezeh     17 December, 2020
    Twitter teezeh Thomas :
Praveen reported a minor security issue which I could then easily fix by deleting an obsolete file. Thanks for the professional disclosure.
@reikemgmbh     16 December, 2020
    Twitter reikemgmbh Stefan from Reikem IT Systemhaus:
Praveen reported a minor security issue and we could fix it immediately. Thanks a lot for letting us know!
@uvx_bln     16 December, 2020
    Twitter uvx_bln Administrator from Anonymous:
Many thanks for reporting the issue. Once the issue was known, it could be solved within seconds.
@Lord_iMac     16 December, 2020
    Twitter Lord_iMac Elmar from City Schutz GmbH:
Thanks for your report. It was a simple fix but security improvement. Good job!
@knoell123     14 December, 2020
    Twitter knoell123 Bernhard from anonymous:
Thank you very much for your report. Thanks to your help we were able to solve the problem very quickly
@knoell123     14 December, 2020
    Twitter knoell123 Bernhard from Anonymous:
Thank you very much for your report. Thanks to your help we were able to solve the problem very quickly.
@odieng     12 December, 2020
    Twitter odieng odieng from Bnest:
Thanks for pointing out the vulnerability. I appreciate it!
@Fabulous_Vegan     11 December, 2020
    Twitter Fabulous_Vegan fabulous.ch :
Thank you very much for your bug report. It was fixed within a few seconds. Thank you for bringing it to our attention :)
@krupicka_pavel     9 December, 2020
    Twitter krupicka_pavel Pavel Krupicka from Winternet:
Good job, thanks you very much for your report. The patch took a moment only, but it was necessary.
@DWTech3     9 December, 2020
    Twitter DWTech3 Alex Y. from Hypepoint Co.:
Thanks for the report on the issues. Although the issues were simple fixes but the researcher was able to catch them and report the issues with details in a professional manner. Highly recommended!
@fuzzy_dnlp     8 December, 2020
    Twitter fuzzy_dnlp Webmaster from Anonymous:
Honorable work. Thanks for reporting the error. We received a very polite & quick response with details and were able to fix the error within minutes.
@cathouseotkings     6 December, 2020
    Twitter cathouseotkings Webmaster from The Cat House on the Kings:
Thanks for the report. Tech Support had created the vulnerablity while investigating a problem for us which we probably wouldn't have noticed for a while.
@shunn     6 December, 2020
    Twitter shunn Bill from Sinister Regard Publishers:
Thank you so much for your report. It was a simple matter to fix, but we never would have noticed the vulnerability without your input and advice.
@Sebasti53438355     2 December, 2020
    Twitter Sebasti53438355 Seb from hrworks:
Nice contact, thanks for the report!
@rockpapercynic     2 December, 2020
    Twitter rockpapercynic Peter Chiykowski from Rock Paper Cynic:
Thanks for the report and recommendation! Fixed!
@cyber_pramod     1 December, 2020
    Twitter cyber_pramod lozan from Freelance:
Very polite and Knowledgeable reasearch. He provided me much detailsthat i was able to reproduce vulnerability and patch it with the help of mitigation steps. I recommend this specialist
@nikitsinelnikov     25 November, 2020
    Twitter nikitsinelnikov Nikita from ultimatemember.com:
Thanks for your report! We have fixed the issue.

Please login via Twitter to add a recommendation

Honor Badges


Number of Secured Websites

10+ Secured Websites Badge
50+ Secured Websites Badge
500+ Secured Websites Badge
Web Security Veteran Badge
10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research

WAF Bypasser Badge
CSRF Master Badge
AppSec Logic Master Badge
Fastest Fix Badge
WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB Badge
OBB Advocate Badge
Improved OBB Badge
Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master Badge
Patch Guru Badge
Patch Lord Badge
Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

REPUTABLE Badge
FAMOUS Badge
GLOBALLY TRUSTED Badge
REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Distinguished Blog Author

Distinguished Blog Author Badge
Distinguished Blog Author Badge
Distinguished Blog Author Badge
1 Post
3 Posts
5+ Posts

Research Statistics



Total reports:52515
Total reports on VIP sites:483
Total patched vulnerabilities:16352
Total vulnerabilities on Hold (Open Bug Bounty):28381
Recommendations received:84
Active since:12.12.2020
Top Security Researcher Awards:Gold Star Top Security Researcher of the Month
Top VIP Security Researcher Awards: Top VIP Security Researcher of the Month Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week

Open Bug Bounty Certificate


Researcher Certificate

Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions




No posts in blog yet










  Latest Patched

 21.04.2021 prensaescrita.com
 21.04.2021 1click.ws
 21.04.2021 langitfilm.me
 21.04.2021 herbalife.am
 20.04.2021 avizo.me
 20.04.2021 onex.am
 20.04.2021 kaldo.am
 20.04.2021 checkchick.me
 20.04.2021 dramaqu.website
 20.04.2021 newharmony-in.gov

  Latest Blog Posts

11.04.2021 by Open Bug Bounty
Better Notifications Mechanism
28.03.2021 by febin_rev
Windows Stack Buffer Overflow in a real life app — Exploit development — CloudMe_1.11.2 Buffer Overflow-CVE-2018–6892
10.02.2021 by Renzi25031469
Sysadminotaur nº88
10.02.2021 by Open Bug Bounty
Higher Submissions Quality Standard
25.12.2020 by _Y000_
How to bypass mod_security (WAF)

  Recent Recommendations

@MrMoney84315336     16 April, 2021
    Twitter MrMoney84315336:
Serious, fast and professional.Thanks for the report.
@lmanunza     15 April, 2021
    Twitter lmanunza:
The Researcher found an XSS vulnerability in our site and acted ethically by reporting it to us, so we could fix it in a timely manner. Thank you!
@studentdoctor     14 April, 2021
    Twitter studentdoctor:
Rngdr4 is an absolute professional. Very helpful in finding and helping to resolve our bug. Highly recommended! Thanks, rngdr4!
@lmanunza     13 April, 2021
    Twitter lmanunza:
Pooja found an XSS vulnerability in our website and acted ethically by reporting it to us, as well as providing all the information we needed to reproduce and fix the issue in a timely manner. Thank you very much!
@MrMoney84315336     13 April, 2021
    Twitter MrMoney84315336:
Thank you for reporting the XSS issue.
Thanks to the detailed report, we were able to fix the problem on the same day.