Report a Vulnerability
Submit, help fixing, get kudos.
Start a Bug Bounty
Run your bounty program for free.
583,434 coordinated disclosures
374,935 fixed vulnerabilities
892 bug bounties with 1,780 websites
18,129 researchers, 1177 honor badges

My Profile | Prawar

Recommendations and Acknowledgements

@vmarci21     1 July, 2020
    Twitter vmarci21 Marton :
Thanks for your report!
You helped us to improve our page security.
@lorenzoherrera     16 September, 2020
    Twitter lorenzoherrera Loren from Litmind:
Prawar already helped us with other bugs in our site. This time he discovered a bug that could allow an attacker to know if a user has an account on our site or not. Prawar always reports thoroughly and provides solutions, along with POC screenshots. So grateful to have you in our bug hunters hall of fame, twice: https://www.litmind.com/bughunters
@lorenzoherrera     16 September, 2020
    Twitter lorenzoherrera Loren from Litmind:
Prawar found a hidden bug that might allow an attacker to keep regaining access to a user account in our site even after he changed his password, if the attacker also compromised the user email account. We're so grateful for your time and for your detailed report. Now in our Bug hunters hall of fame: https://www.litmind.com/bughunters

Please login via Twitter to add a recommendation

Honor Badges


Number of Secured Websites

10+ Secured Websites Badge
50+ Secured Websites Badge
500+ Secured Websites Badge
Web Security Veteran Badge
10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research

WAF Bypasser Badge
CSRF Master Badge
AppSec Logic Master Badge
Fastest Fix Badge
WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB Badge
OBB Advocate Badge
Improved OBB Badge
Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master Badge
Patch Guru Badge
Patch Lord Badge
Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

REPUTABLE Badge
FAMOUS Badge
GLOBALLY TRUSTED Badge
REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Distinguished Blog Author

Distinguished Blog Author Badge
Distinguished Blog Author Badge
Distinguished Blog Author Badge
1 Post
3 Posts
5+ Posts

Research Statistics



Recommendations received:3



No posts in blog yet


Reported Vulnerabilities

All Submissions

Domain Reported Status Type

  Latest Patched

 21.09.2020 psaa.am
 21.09.2020 ilga.gov
 21.09.2020 myswitzerland.com
 21.09.2020 dailysteals.com
 21.09.2020 tib.wa.gov
 21.09.2020 sephora.com.br
 21.09.2020 stj.jus.br
 21.09.2020 legacy.elpasotexas.gov
 21.09.2020 northadams-ma.gov

  Latest Blog Posts

14.09.2020 by aninda_anon
VPS Cheatsheet for bug hunting
14.09.2020 by pk_12397
A Story of IDOR To Account Takeover
14.09.2020 by febin_rev
How to find valid and impactful CSRFs
14.09.2020 by _r00t1ng_
Using {XSS} to play games on Site
24.06.2020 by Gkexamquiz
How to Find Contacts To Report Bugs & Security Vulnerabilities | Bug Bounty Tutorials 2020

  Recent Recommendations

@lorenzoherrera     21 September, 2020
    Twitter lorenzoherrera:
Found a security vulnerability in our site and provided us with information on how de bug works, and how to solve it. So much thanks!
@hashtagnewtab     21 September, 2020
    Twitter hashtagnewtab:
Very helpful and fast communication, an expert in the field.
@cg_director     21 September, 2020
    Twitter cg_director:
HowardPotts found a vulnerability issues on our Website that was important to fix. We wouldn't have found it without his help. Thankfully it was an easy fix
@Yashodar4     20 September, 2020
    Twitter Yashodar4:
Thank you for letting us know about the issue and helping to make the web a safer place
@rus_cert     18 September, 2020
    Twitter rus_cert:
Thank you so much for you quick, detailed and very helpful report!