.wrapper { display:none; } .footer { display:none; } body { -ms-overflow-style: scrollbar; overflow-y: scroll; overscroll-behavior-y: none; } .errorContainer { background-color: #FFF; color: #0F1419; max-width: 600px; margin: 0 auto; padding: 10%; font-family: Helvetica, sans-serif; font-size: 16px; } .errorButton { margin: 3em 0; } .errorButton a { background: #1DA1F2; border-radius: 2.5em; color: white; padding: 1em 2em; text-decoration: none; } .errorButton a:hover, .errorButton a:focus { background: rgb(26, 145, 218); } .errorFooter { color: #657786; font-size: 80%; line-height: 1.5; padding: 1em 0; } .errorFooter a, .errorFooter a:visited { color: #657786; text-decoration: none; padding-right: 1em; } .errorFooter a:hover, .errorFooter a:active { text-decoration: underline; } #placeholder, #react-root { display: none !important; } body { background-color: #FFF !important; }

JavaScript is not available.

We’ve detected that JavaScript is disabled in this browser. Please enable JavaScript or switch to a supported browser to continue using openbugbounty.org.

2022 © OpenBugBounty

Open Bug Bounty selected among the
Top 5 Bug Bounty programs to watch
by The Hacker News

All Open Bug Bounty emails are sent only from openbugbounty.org domain being digitally signed. All others are fake. Learn more.

For Researchers

Report a Vulnerability Report and help remediate a vulnerability found on any website	Write a Blog Post Write a blog post to share your knowledge and get kudos
Browse Bug Bounty Programs Browse active bug bounty programs run by website owners	Ask a Question Ask questions and share your improvement ideas

How it Works

Download presentation and learn
how our platform works

PDF, 1MB

For Owners

Start a Bug Bounty Start your bug bounty program at no cost and leverage crowd-security testing	Ask a Question Ask questions or let us know how to make Open Bug Bounty even better
API Request National CERTs and law enforcement agencies may request our API

How it Works

Download presentation and learn
how our platform works

PDF, 1MB

Hall of Fame

Top Security Researchers They make Web a safer place by reporting and helping remediate vulnerabilities	Acknowledgements Website owners share their experience of collaboration with the researchers

How it Works

Download presentation and learn
how our platform works

PDF, 1MB

About

About the Project Read about Open Bug Bounty history, values and mission	Latest Reports Browse the most recent vulnerability submissions
Contact Us Get in touch

How it Works

Download presentation and learn
how our platform works

PDF, 1MB

Forum
Blog

OpenBugBounty.org > Security Researchers > td00k

td00k | Security Researcher Profile

Security researcher td00k has already helped fix 51 vulnerabilities.

Info
Reports
Recommendations
Badges
Statistics
Certificate
Blog

Researcher reputation: 20

Real name:
Tiago Dias

About me:
Engineer & InfoSec enthusiast

Contact email:
[email protected]

Experience in Application Security
< 1 year

Award / Bug Bounty I prefer:
Recommendations

Follow me on:
Twitter

Ethics and Rules:
Tiago Dias is required to abide by the ethics and rules of the Open Bug Bounty project. If you reasonably believe that rules are not respected, please report this to us.

Recommendations and Acknowledgements

27 February, 2019

SearaDev Pedro Marques from Seara:

Thank you Tiago for reporting this flaw and for all the info provided!

Please login via Twitter to add a recommendation

Honor Badges

Number of Secured Websites


10+ Websites	50+ Websites	500+ Websites	WEB SECURITY VETERAN 1000+ Websites

Advanced Security Research


WAF Bypasser	CSRF Master 30+ Reports	AppSec Logic Master 30+ Reports	Fastest Fix Fix in 24 hours

Outstanding Achievements


Secured OBB	OBB Advocate	Improved OBB

Commitment to Remediate and Patch


Patch Master 55% Patched	Patch Guru 65% Patched	Patch Lord 75% Patched

Recommendations and Recognition


REPUTABLE 10+ Recommends	FAMOUS 25+ Recommends	GLOBALLY TRUSTED 50+ Recommends

Distinguished Blog Author


1 Post	3 Posts	5+ Posts

Research Statistics

Total reports:	198
Total reports on VIP sites:	3
Total patched vulnerabilities:	51
Recommendations received:	1
Active since:	23.09.2018

Open Bug Bounty Certificate

Researcher Certificate

Reported Vulnerabilities

All Submissions VIP Submissions

No posts in blog yet

Latest Patched

25.06.2022 ppd-elearning.phoenix.gov

25.06.2022 mohca.gov.bt

25.06.2022 ual.es

25.06.2022 aslteramo.it

25.06.2022 understood.org

25.06.2022 ossokolje.edu.ba

25.06.2022 e.csb.gov.lv

25.06.2022 mansfield.vic.gov.au

25.06.2022 educba.com

25.06.2022 fodors.com

Latest Blog Posts

15.02.2022 by sepkatpro
Ultimate XSS Polyglot

11.11.2021 by mistry4592
The Most used Chrome Extensions are Used For Penetration Testing.

08.10.2021 by NNeuchi
How I Found My First Bug Reflected Xss On PIA.GOV.PH(Philippine Information Agency)

26.08.2021 by PyaePhyoThu98
eG Manager v7.1.2: Improper Access Control lead to Remote Code Execution (CVE-2020-8591)

14.07.2021 by Open Bug Bounty
Interview With Open Bug Bounty

Recent Recommendations

@TiagoGuedesEGo1

20 June, 2022

TiagoGuedesEGo1:

shashank_bhure made us aware of several security vulnerabilities that represented security flaws of several degrees and needed to be rectified.

It was a pleasure working with you and I hope we can work again in the future, Thank you!

@TiagoGuedesEGo1

15 June, 2022

TiagoGuedesEGo1:

Hardik_850 made us aware of several security vulnerabilities that represented security flaws of several degrees and needed to be rectified.

It was a pleasure working with you and I hope we can work again in the future, Thank you!

@DeBuecher

3 June, 2022

Peter was of good help

@salmankhan2016

26 May, 2022

salmankhan2016:

thanyou security_helper5

@securityhelper5

26 May, 2022

securityhelper5:

thank you for report

Making Web a Safer Place

Coordinated & Responsible Disclosure

Based on ISO 29147 Guidelines

Terms & Privacy
2022 © OpenBugBounty