Getting started
Learn about vulnerability types 
Getting started in bug bounties 
Test your knowledge
Free Web Application Challenges
BugBountyHunter Membership
Guides for your hunts 
ZSeano's Methodology
Effective Note Taking for bug bounties
Useful Resources 
Disclosed Hackevent Reports 
Disclosed HackerOne Reports 
Our community
Honourable Members
Member Contributions Vend by Lightspeed Program Statistics
2 total issues disclosed
$0 total paid publicly
Most disclosed (1 disclosures) — Insecure Direct Object Reference (IDOR)
Disclosed Reports
| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
|---|---|---|---|---|
| Race Condition : Exploiting the loyalty claim https://xxx.vendhq.com/loyalty/claim/email/xxxxx url and gain x amount of loyalty bonus/cash | Violation of Secure Design Principles | stok | Medium | 2018-06-07 |
| Improper access control on adding a Register to an Outlet | Insecure Direct Object Reference (IDOR) | al88nsk | Medium | 2018-05-02 |