Getting started
Learn about vulnerability types 
Getting started in bug bounties 
Test your knowledge
Free Web Application Challenges
Guides for your hunts 
ZSeano's Methodology
Effective Note Taking for bug bounties
Useful Resources 
Disclosed HackerOne Reports 
Our community
Endorsed Members
Hackevents 
Member Articles Urban Company Program Statistics
6 total issues disclosed
$1,800 total paid publicly
Most disclosed (1 disclosures) — Violation of Secure Design Principles
Disclosed Reports
| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
|---|---|---|---|---|
| Host header injection that bypassed protection and allowed accessing multiple subdomains | Server-Side Request Forgery (SSRF) | musashi42 | Medium | 2022-12-21 |
| Critical full compromise of jarvis-new.urbanclap.com via weak session signing | Improper Authentication - Generic | ian | Critical | 2022-01-30 |
| Exposed data of credit card details to hacker or attacker. | Privacy Violation | nispat | Medium | 2021-06-28 |
| Insufficient Session Expiration | Insufficient Session Expiration | vibhushan | Low | 2021-06-23 |
| Broken Link on Urban Company's Vulnerability Submission Form | Violation of Secure Design Principles | awararesearcher | Low | 2021-06-21 |
| Private ip leaking through response | Information Disclosure | t3chn0phil3 | No rating | 2021-06-16 |