Spam404
Top Security Researcher
Top Security Researcher of the Month
Top VIP Security Researcher of the Month | Security Researcher Profile
Security researcher Spam404 has already helped fix 16365 vulnerabilities.
Researcher reputation: 720
Real name:
Cameron
How to contact me:
You can contact me via email - [email protected]
I encourage you to contact me ASAP so we can work together to quickly protect your users! All communication will be kept private.
Alternative Contacts:
Should I not respond via email (never happened!) please reach out via Twitter - @Spam404Online
Experience in Application Security
over 5 years
Award / Bug Bounty I prefer:
An acknowledgment on my profile is enough but if you feel like treating me to something extra for my time I appreciate the following -
Bug Bounty (PayPal, Bitcoin)
Swag (T-Shirt etc)
Halls of Fame:
http://www.spam404.com/security-research.html
https://hackerone.com/spam404
Recommendations and Acknowledgements | Full List:


Thank you for notifying us of an XSS vulnerability in our project |


Thank you for locating some ancient code that we no longer needed anymore. Land mine defused! |


Thanks for letting us know about this XSS vulnerability. We appreciate the quick feedback. |


Cameron went through a few sites for us and identified a wide range of vulnerabilities. We really appreciated his work and will definitely stay in touch. |


Cameron discovered an XSS vulnerability in one of our 3rd party applications and was very helpful in bringing this to our attention, notifying the software vendor and advising what area needed to be fixed. Thank you very much! |


Cameron helped identify an XSS vulnerability affecting several sites. The communication was excellent and the prompt and exhaustive details helped put a patch in place in a really short time. Much appreciated. |


Cameron identified several vulnerabilities for us, making us aware and giving us the opportunity to fix. Greatly appreciated ! |


Cameron alerted me to some vulnerabilities on a couple of new sites I had released, he was exceptionally polite and very professional and I was able to act before anything happened to either site. Thank you Cameron!! |


Cameron reported severals bugs on our website. He was fast, polite and professional. A great help and much appreciated. |


Cameron helped us significantly improve our services, and certainly proved to be extremely knowledgeable. We are extremely grateful to him and very much appreciate his research. |


Cameron found serval XSS exploits and was quick to respond to emails. Big thanks and keep up the wonderful work. |


Cameron was great! He helped me to identify and definitively fix an XSS problem on an old script. Very skilled researcher! Thanks a lot! |


Cameron found an XSS in our site, and provided fast and accurate information to allow us to reproduce and fix. Thanks :-) |


Cameron reported and helped us to resolve an XSS bug with our site, he was fast, polite and professional. A great help and much appreciated. |


Cameron helped us to identify some XSS vulnerabilities on the website of some of our customers. Thank you very much! |


Cameron helped us to identify some XSS vulnerabilities on the website of one of our customers. Thank you! |


Thanks for reporting the vulnerability. I was able to produce a fix for it easily, but it's not something I'd have ever thought to try. |


Cameron identified two issues with our web site, and shared details with us right away. He's doing this for the right reasons - and really doing a public service. Thank you, Cameron! |


Cameron's report and subsequent description of multiple XSS vulnerabilities on our site was handled with extreme grace. The report informed us of these vulnerabilities without exposing it to third-parties. Once contacted about the issue, Cameron almost immediately got back to us with a detailed explanation of how to reproduce each of the found vulnerabilities which allowed us to fix them. |


Many thanks to Cameron for his swift and professional disclosure, and polite and quick responses to email. A big help. |


I appreciate Cameron's report on the XSS vulnerability of my site and his responsive and straightforward explanation about the bug. It helped us a lot. We could put my site on the safe track again. Very nice. |


Cameron reported an outdated plugin exploit from my site I had neglected to do something about--and I was able to remove it before I got hacked. Thanks, Cameron! |


Thanks for identifying and reporting the vulnerability, and for making the web a safer place. Much appreciated. |


Cameron helped to highlight some stray DNS records that needed removal on our domain. Many thanks for that!! |


Cameron helped find and fix those issues. He showed a great combination of responsiveness and being helpful along the road. Thank you! |


Cameron helped us identify and confirm a patch to a vulnerability in one of our sites. Thanks Cameron! |

Cameron's concise report allowed us to develop a fix quickly and efficiently. Thanks! |


Cameron was really nice, professional and responsive. It helped me to locate a vulnerability I was not aware of! Thanks so much! |


Cameron was incredibly fast, nice, and professional. Highly recommended. Dave |


My thanks to Cameron for helping keep the Web a safer place. Vuln identified and reported by Cameron with example, and now fixed. Appreciation! Roy |


Thx to Dave for his warning. The vulnerability was patched in due time. |


Cameron was very helpful and responsive in helping us patch the vulnerability. Excellent job! |


Thanks so much! Great help in bringing our attention and such prompt assistance to narrow down. |


Thanks you for bringing these issues to our attention! |


Thank you Cameron for bringing this to our attention. Very good support and really fast help! |


So you get a notification that your website has a security Vulnerability, and you first thought is Oh No and you might think bad of the person reporting it. Well if its spam404 nothing could be further from the truth. Spam404 was very helpful when I contacted him and very prompt with responses, the information he provided made it easy to rectify the issue quickly. I would highly recommend Spam404. |


Cameron is extremely responsive and professional. His work to make the internet a safer place is exceptional. |


Thanks Cameron for all your help and expertise to detect XSS vulnerabilities on our sites. I contacted him after he alerted us and he provided clear instructions on the detection and re-verification. Thanks a million Spam404. |


Thanks for bringing this to our attention. Much appreciated. |


Cameron was very helpful and provided a clear proof-of-concept to fix an XSS vulnerability in our site. Fast and courteous responses, highly recommended. |


Thanks for bringing this to our attention. Very prompt and professional. |


Spam404 provided us with clear information about vulnerabilities on our site with out any expectation, Much appreciated. |


Cameron was very quick and courteous, and provided a simple PoC that didn't require reverse engineering to determine it wasn't malicious. |


Highly recommend Spam404. Easy to test proof of concept. Quickly helped resolve a potential vulnerability. |


Kudos to Spam404 for providing a safe proof-of-concept that allowed us to track down the issue. Thanks to @xbrowsertesting for providing the tools (e.g., old browsers) to find this bug. |


Highly recommended, exceptionally responsive, precise in communication, gives good explanation with proof of concept. |


Cameron was very helpful and response promptly every time we contacted each other. Effective and accurate information is given well at the start to speed up the process. Highly recommended. |


Great feedback with useful recommendations. Much appreciated! |


Spam404 provided us with clear information about vulnerabilities on our site, and did so in a courteous and professional manner. Thank you. |


Much appreciated alert. Will take seriously any future notices for sure. Very helpful. Recommended! |


Totally recommend!! Extremely knowledgeable and responsive - pointed us exactly to the right issue. |


Very helpful information shared with us and extremely responsive. |


Very helpful providing useful information along with proof-of-concept. I highly recommend. |


Very helpful notices; clear threat information and extremely responsive. |


Polite and precise, provides proof-of-concept. Much appreciated. |
Honor Badges
Number of Secured Websites
![]() |
![]() |
![]() |
![]() |
10+ Websites
|
50+ Websites
|
500+ Websites
|
WEB SECURITY VETERAN
1000+ Websites
|
Advanced Security Research
![]() |
![]() |
![]() |
![]() |
WAF Bypasser
|
CSRF Master
30+ Reports
|
AppSec Logic Master
30+ Reports
|
Fastest Fix
Fix in 24 hours
|
Outstanding Achievements
![]() |
![]() |
![]() |
|
Secured OBB
|
OBB Advocate
|
Improved OBB
|
Commitment to Remediate and Patch
![]() |
![]() |
![]() |
|
Patch Master
55% Patched
|
Patch Guru
65% Patched
|
Patch Lord
75% Patched
|
Recommendations and Recognition
![]() |
![]() |
![]() |
|
REPUTABLE
10+ Recommends
|
FAMOUS
25+ Recommends
|
GLOBALLY TRUSTED
50+ Recommends
|
Distinguished Blog Author
![]() |
![]() |
![]() |
|
1 Post
|
3 Posts
|
5+ Posts
|
Research Statistics
Total reports: | 25188 |
Total reports on VIP sites: | 1868 |
Total patched vulnerabilities: | 16365 |
Recommendations received: | 69 |
Active since: | 03.11.2015 |
Top Security Researcher Awards: | ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() |
Top VIP Security Researcher Awards: | ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() |
No posts in blog yet |
Reported Vulnerabilities
All Submissions VIP SubmissionsFeatured Submissions
Domain | Reported | Status | Type |
---|---|---|---|
11.12.2019
|
unpatched
|
Cross Site Scripting
|
|
12.11.2019
|
unpatched
|
Open Redirect
|
|
05.11.2019
|
patched
|
Cross Site Scripting
|
|
06.10.2019
|
unpatched
|
Open Redirect
|
|
24.09.2019
|
unpatched
|
Cross Site Scripting
|
|
16.09.2019
|
unpatched
|
Open Redirect
|
|
05.09.2019
|
patched
|
Cross Site Scripting
|
|
05.09.2019
|
patched
|
Cross Site Scripting
|
|
05.09.2019
|
unpatched
|
Cross Site Scripting
|
|
05.09.2019
|
patched
|
Cross Site Scripting
|
|
05.09.2019
|
patched
|
Cross Site Scripting
|
|
05.09.2019
|
unpatched
|
Cross Site Scripting
|
|
05.09.2019
|
unpatched
|
Cross Site Scripting
|
|
05.09.2019
|
unpatched
|
Cross Site Scripting
|
|
05.09.2019
|
patched
|
Cross Site Scripting
|
|
05.09.2019
|
unpatched
|
Cross Site Scripting
|
|
05.09.2019
|
unpatched
|
Cross Site Scripting
|
|
05.09.2019
|
patched
|
Cross Site Scripting
|
|
05.09.2019
|
unpatched
|
Cross Site Scripting
|
|
05.09.2019
|
patched
|
Cross Site Scripting
|
Please login via Twitter to add a recommendation