Getting started
Learn about vulnerability types 
Getting started in bug bounties 
Test your knowledge
Free Web Application Challenges
Guides for your hunts 
ZSeano's Methodology
Effective Note Taking for bug bounties
Useful Resources 
Disclosed HackerOne Reports 
Our community
Endorsed Members
Hackevents 
Member Articles Eternal Program Statistics
7 total issues disclosed
$2,850 total paid publicly
Most disclosed (2 disclosures) — Business Logic Errors
Disclosed Reports
| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
|---|---|---|---|---|
| Attacker shall recieve order updates on whatsapp for users who have activated whatsapp notification | Business Logic Errors | schutzx0r | Medium | 2022-04-06 |
| Add upto 10K rupees to a wallet by paying an arbitrary amount | Business Logic Errors | ashoka_rao | High | 2022-02-23 |
| Claiming the listing of a non-delivery restaurant through OTP manipulation | Improper Authorization | ashoka_rao | Critical | 2022-02-22 |
| Page has a link to google drive which has logos and a few customer phone recordings | Cleartext Storage of Sensitive Information | codersanjay | Medium | 2022-02-21 |
| Race condition in User comments Likes | Violation of Secure Design Principles | 0xdekster | Low | 2022-02-09 |
| subdomain takeover on fddkim.zomato.com | Privilege Escalation | mosec9 | Medium | 2022-01-27 |
| HTML Injection @ /[restaurant]/order endpoint. | Cross-site Scripting (XSS) - Generic | mr_edwards | Low | 2021-09-07 |