YouPorn Program Statistics

View program

12 total issues disclosed

$7,750 total paid publicly

Most disclosed (4 disclosures) — Improper Authentication - Generic

Disclosed Reports

Report Title Vulnerability Type Disclosed By Severity Disclosed on
IDOR allows any user to edit others videos Insecure Direct Object Reference (IDOR) zerody High 2019-11-11
youporn email notification enable/disable and newsletter Violation of Secure Design Principles platinum1933 Medium 2017-10-09
IDOR - Access to private video thumbnails even if video requires password authentication Improper Authentication - Generic nahamsec Medium 2017-08-17
XSS via login cookie Cross-site Scripting (XSS) - Generic myst404 Medium 2017-06-26
DOM-based XSS on youporn.com (main page) Cross-site Scripting (XSS) - DOM sp1d3rs High 2017-06-13
Account hijack via deleted PH account Improper Authentication - Generic cyber-guard Medium 2017-06-13
Find whether a video has been favourited or not, for any user [via YouPorn Mobile API] Improper Authentication - Generic prakharprasad Medium 2017-06-04
I am because bug None supplied b69b1b97b19c1c71b0eed85 Critical 2017-05-05
[Android API] SQL injection ( errortoken.json ) SQL Injection lisa122 Medium 2017-04-22
Time Based SQL-inject in post-parametr login[username] [domain - youporn.com] SQL Injection almaco Critical 2017-04-20
Reflected XSS in Meta Tag Cross-site Scripting (XSS) - Generic myst404 Medium 2017-03-28
Account takeover via Pornhub Oauth Improper Authentication - Generic cyber-guard Medium 2017-02-13