Getting started
Learn about vulnerability types 
Getting started in bug bounties 
Test your knowledge
Free Web Application Challenges
Guides for your hunts 
ZSeano's Methodology
Effective Note Taking for bug bounties
Useful Resources 
Disclosed HackerOne Reports 
Our community
Endorsed Members
Hackevents 
Member Articles Azbuka Vkusa Program Statistics
7 total issues disclosed
$4,150 total paid publicly
Most disclosed (2 disclosures) — Information Disclosure
Disclosed Reports
| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
|---|---|---|---|---|
| Endpoint without access control leads to order informations and status changes | Information Disclosure | cabelo | Critical | 2021-12-09 |
| Reflected XSS in photogallery component on [https://market.av.ru] | Cross-site Scripting (XSS) - Reflected | haxta4ok00 | Medium | 2021-12-01 |
| Reflected XSS on av.ru via `q` parameter at https://av.ru/collections/* | Cross-site Scripting (XSS) - Reflected | ronr | Medium | 2021-11-19 |
| Мисконфигурация Cisco Smart Install | Misconfiguration | kerbyj | Critical | 2021-11-16 |
| Corporate Jira credentials disclosed in public gist | Information Disclosure | mkhazov | High | 2021-11-15 |
| IDOR - Other user's delivery address disclosed | Insecure Direct Object Reference (IDOR) | sachin_kumar_ | High | 2021-11-15 |
| Leak of Google Sheets API credentials | Cleartext Transmission of Sensitive Information | adsec2s | High | 2021-11-15 |