Getting started
Learn about vulnerability types 
Getting started in bug bounties 
Test your knowledge
Free Web Application Challenges
Guides for your hunts 
ZSeano's Methodology
Effective Note Taking for bug bounties
Useful Resources 
Disclosed HackerOne Reports 
Our community
Endorsed Members
Hackevents 
Member Articles Kaspersky Program Statistics
8 total issues disclosed
$6,000 total paid publicly
Most disclosed (2 disclosures) — Information Disclosure
Disclosed Reports
| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
|---|---|---|---|---|
| No Rate Limit On Forgot Password Page | Improper Access Control - Generic | hacker-yadav | Low | 2021-05-24 |
| Web protection component in Anti-Virus products family uses predictable links for certificate warnings | Insecure Direct Object Reference (IDOR) | palant | Medium | 2019-11-25 |
| Kaspersky Password Manager allows websites to access user's address data | Information Disclosure | palant | Medium | 2019-11-24 |
| URL Advisor component in KIS products family is vulnerable to Universal XSS | Cross-site Scripting (XSS) - Generic | palant | High | 2019-08-28 |
| test report | Heap Overflow | rkhunter | Medium | 2018-08-15 |
| Hard Coded username and password in registry | Use of Hard-coded Credentials | bluedangerforyou | High | 2018-05-06 |
| Keys | Information Disclosure | ashishag29 | Low | 2018-02-02 |
| In App purchase Hack | Use of a Key Past its Expiration Date | huntman | Critical | 2017-08-03 |