Banner object (1)

Hack and Take the Cash !

790 bounties in database
  Back Link to program      
30/06/2015
OnePageCRM logo
Thanks
Gift
Hall of Fame
Reward

OnePageCRM

OnePageCRM converts leads to customers fast. It does it in a beautiful user experience on one, simple, dashboard

This program only awards points for submissions.

Targets

In scope

  • <https://app.onepagecrm.com>

other

Out of Scope Targets

dev.onepagecrm.com
blog.onepagecrm.com
forum.developer.onepagecrm.com
www.onepagecrm.com
staging.onepagecrm.com

Please sign up to OnePageCRM with an address in the format name+bugcrowd@example.com

Out of Scope Bugs
• Banner/version disclosure
• DDOS attacks
• CRIME/BEAST attacks
• Social Engineering
• Brute force password cracking
• Issues that cannot be reproduced
• Username enumeration
• Previously reported bugs
• Bugs specific to unsupported browsers/plugins
• Bugs that rely on impractical user action
• Logout cross-site request forgery
• URL redirection
• Cross-Site Scripting (XSS)

Focus Areas:
• Cross-Site Request Forgery (CSRF/XSRF)
• Broken Authentication
• Remote Code Execution
• Privilege Escalation

Program Rules

This program follows Bugcrowd’s standard disclosure terms.

This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.

This bounty requires explicit permission to disclose the results of a submission.

FireBounty © 2015-2019

Legal notices