FireBounty custhelp : Coordinated Vulnerability Disclosure Guidelines Vulnerability Disclosure Program

Link to program

2015-06-30

2019-07-18

Thank

Gift

HOF

Reward

custhelp : Coordinated Vulnerability Disclosure Guidelines

This policy outlines how Sky handles the disclosure of information pertinent to vulnerabilities that if exploited may have an adverse impact of the confidentiality, integrity or availability of Sky data, services or systems.

| What is coordinated vulnerability disclosure? |

| - |

| Coordinated responsibility disclosure (CVD) is the practice of reporting security flaws in a confidential and responsible manner. It involves you, the ‘finder’ identifying and informing us, the ‘security team’ of a vulnerability which will be investigated. |

| What is expected of both Sky and the finder? |

| - |

| * Follow the processes and maintain the agreements outlined in this policy. * Operate in accordance with local laws. * Maintain discretion. * Communicate in a timely manner. |

| What is expected of Sky? |

| - |

| * Maintain anonymity of the finder if requested (As permitted within the law) * Information submitted by you will remain confidential and not be shared with third parties until the issue is investigated (Unless the finder and security team agree otherwise) * The vulnerability will be investigated and you will receive an acknowledgement of your submission from the security team within reasonable period of time. * If this policy is followed by the finder, they may have their name or handle and a point of contact entered in the ‘Hall of Fame’. |

| What is expected of the finder? |

| - |

| * Maintain discretion of information regarding the vulnerability for at least 9 days from the day of disclosure (Unless informed otherwise by the security team) * Provide sufficient information surrounding the vulnerability * Do not publicly disclose customer, supplier or Sky environment information The following research is not permitted: * Accessing or attempting to access data or information that does not belong to you * Destroying, corrupting or attempting to destroy or corrupt information that does not belong to you * Causing or attempting to cause a Denial of Service (DoS) condition Research is permitted on the following domains: * skytv.co.nz * skybusiness.co.nz * skytv.custhelp.com * neontv.co.nz * skygo.co.nz * believeitornot.co.nz If there is some other domain that you believe should have testing permitted, please make a request in the vulnerability submission box. |

| How does the coordinated vulnerability disclosure process work? |

| - |

| * Submit information pertaining to a vulnerability you have identified either through the form below or in an email. * You will receive an acknowledgement email from the security team * The issue will be investigated and the result of the investigation (Following our confidentiality obligations) will be sent to you * Once the issue has been resolved or the potential risk is deemed acceptable and you agree to have your personal information in the Hall of Fame, you will be added to it. |

| Submitting vulnerabilities and questions |

| - |

| If you wish to submit a vulnerability or have any questions, please complete the form below. Attempt to include as much of the following in your vulnerability submission as applicable: * Type of vulnerability * Whether the information has been published or shared with others * Affected products and versions * Affected configurations * Replication instructions/proof of concept |

| Hall of Fame |

| - |

| Only one group or individual may be published for each vulnerability found. SKY reserves the right at our sole discretion to add, edit or remove any listing from the hall of fame. |

| 2020 |

| Old Finds |

Hall of Fame

× #1 Deep Yadav

Contact: https://www.linkedin.com/in/deep-yadav-66a146b5
Discovery: Unpatched host

#2 Team Whynot53

Contact: tech@whynot53.com
Discovery: XSS Vulnerability

#3 Mohd Asif Khan

Contact: https://www.linkedin.com/in/mohd-asif-khan-✪-5228a9179
Discovery: HTML injection

Old Finds

× #1 Koutrouss Naddara

Contact: https://www.facebook.com/profile.php?id=100008222891851
Discovery: Multiple, Reports: 11, Complexity: Med

#2 Filippos Mastrogiannis

Contact: https://www.linkedin.com/pub/filippos-mastrogiannis/68/132/177
Discovery: Discovery: Multiple, Reports: 2, Complexity: Med

#3 Osama Mahmood

Contact: https://twitter.com/OsamaMahmood007
Discovery: Discovery: XSS, Reports: 4, Complexity: Med/Low

#4 Mohammed Fayez Albanna

Contact: https://www.facebook.com/bana2313
Discovery: Multiple, Reports: 2, Complexity: Med

#5 Kiran Karnad

Contact: Twitter Handle: @iPenTest https://www.isoc.my/profile/wthack
Discovery: Multiple, Reports: 2, Complexity: Med

#6 Simone Memoli

Contact: twitter.com/Simon90_Italy
Discovery: Discovery: Process, Reports: 1, Complexity: Med

#7 Mohammed Abduulqader Al-saggaf

Contact: https://www.facebook.com/mohammed.alsaggaf2010
Discovery: XSS, Reports: 1, Complexity: Med/Low

#8 Jitendra jaiswal

Contact: https://facebook.com/desihack
Discovery: XSS, Reports: 1, Complexity: Med/Low

#9 Babar Khan Akhunzada

Contact: twitter.com/Babar1337Khan
Discovery: XSS, Reports: 1, Complexity: Med/Low

#10 Abdul Wasay

Contact: https://twitter.com/AWasayRazzak
Discovery: XSS, Reports: 1, Complexity: Med/Low

#11 Abdul Rehman

Contact: https://www.facebook.com/shadowcreator
Discovery: XSS, Reports: 1, Complexity: Med/Low

#12 Abdul Haq Khokhar

Contact: https://twitter.com/Abdulhaqkhokhar
Discovery: Discovery: XSS, Reports: 1, Complexity: Med/Low

#13 Christian Galeone

Contact: https://thefacebook.com/christian.galeone.1
Discovery: Discovery: process, Reports: 1, Complexity: Med/Low

#14 Ayoub Nait Lamine

Contact: https://www.facebook.com/profile.php?id=100004407498249
Discovery: Discovery: CCS injection, Reports: 1, Complexity: Med/Low

#15 Adel Ejjamai

Contact: https://www.facebook.com/AdelJamai107
Discovery: Discovery: XSS, Reports: 1, Complexity: Med/Low

#16 Amine Marzouki

Contact: https://www.facebook.com/shetsecure
Discovery: Discovery: XSS, Reports: 1, Complexity: Med/Low

#17 Provensec Labs

Contact: www.provensec.com
Discovery: Discovery: XSS, Reports: 1, Complexity: Med/Low

#18 Abhijeet mahajan (Netxiit)

Contact:
Discovery: Discovery: XSS, Reports: 1, Complexity: Med/Low

#19 Ahmed El-Mahalawy

Contact: https://www.facebook.com/A7medELMa7alawy
Discovery: Discovery: XSS, Reports: 1, Complexity: Med/Low

#20 Mohamed Abdelbaset Elnoby

Contact: https://www.linkedin.com/in/symbiansymoh
Discovery: Discovery: XSS, Reports: 1, Complexity: Med/Low

#21 Asim Bilal

Contact: https://www.facebook.com/Asim.Bilal.Adil
Discovery: Discovery: Signup issue, Reports: 3, Complexity: Med/Low

#22 Shivam Kumar Agarwal, Nithish Varghese, Sahil Srivastava

Contact: Twitter-id : @netanalysts
Discovery: Reset Link, Reports: 1, Complexity: Med/Low

#23 Aneeq Alam

Contact: https://www.facebook.com/lomatic.alam
Discovery: XSS, Reports: 1, Complexity: Med/Low

#24 Panou Gerasimos

Contact: Gerasimos Panou @BughunterGR
Discovery: Multiple, Reports: 1, Complexity: Med/Low

#25 Asim Shahzad

Contact: http://pk.linkedin.com/pub/m-asim-shahzad/a1/995/65a/
Discovery: Multiple, Reports: 1, Complexity: Med/Low

#26 Sam Gandhi

Contact: SAM GANDHI( SAURABH )
Discovery: Clickjacking, Reports: 1, Complexity: Med/Low

#27 Hammad Mahmood

Contact: https://www.facebook.com/hammad.mahmood.14019
Discovery: SSL Vuln, Reports: 1, Complexity: Med/Low

#28 Akshay Saini

Contact: https://twitter.com/akshay_py
Discovery: Clickjacking, Reports: 1, Complexity: Med/Low

#29 Kalpesh Makwana

Contact: https://www.twitter.com/makwanakalpesh2
Discovery: Reset Link, Reports: 1, Complexity: Med/Low

#30 Ioannis Chalkiadis

Contact: https://twitter.com/chalkSEC
Discovery: XSS, Reports: 1, Complexity: Med/Low

#31 Mohammad Naveed

Contact: https://www.aksitservices.co.in/
Discovery:Clickjacking, Reports: 1, Complexity: Med/Low

#32 Sandeep Venkatesan

Contact: https://www.facebook.com/sandeepmurthis
Discovery: XSS, Reports: 1, Complexity: Med/Low

#33 Ioannis Chalkiadis

Contact: https://www.linkedin.com/in/balagpy
Discovery: XSS, Reports: 1, Complexity: Med/Low

#34 P Balaji

Contact: https://www.linkedin.com/in/balagpy
Discovery: Clickjacking & Poodlebleed, Reports: 2, Complexity: Med/Low

#35 Ajay Anand

Contact: www.ctgsecuritysolutions.com
Discovery: XSS, Reports: 2, Complexity: Med/Low

#36 Jatin Mangani

Contact: https://www.facebook.com/jatin.mangani
Discovery: Clickjacking, Reports: 1, Complexity: Med/Low

#37 Jan Abhijeet

Contact: abhijeet mahajan (net-x iit)
Discovery: Clickjacking, Reports: 1, Complexity: Med/Low

#38 Vivek Gurung

Contact: www.cyberkendra.com
Discovery: XSS, Reports: 1, Complexity: Med/Low

#39 Manoj Kumar

Contact: www.facebook.com/manoj2621
Discovery: Clickjacking, Reports: 1, Complexity: Med/Low

#40 Roy Jansen

Contact: https://www.facebook.com/RoyJansen01
Discovery: XSS, Reports: 1, Complexity: Med/Low

#41 Lokesh Kumar

Contact: https://www.facebook.com/vijayanlokeshkumar
Discovery: XSS, Clickjacking, Session, Poodle vuln, Reports: 7, Complexity: Med/Low

#42 Prashant Rajput

Contact: Prashant Rajput (https://www.facebook.com/HACKDIVE), Avnish Kumar https://www.facebook.com/avn005), Nishant Maurya (https://www.facebook.com/nishant.maurya3) Organization: RMAR Technologies Pvt. Ltd. (www.rmar.in)
Discovery: Source Disclosure, Reports: 1, Complexity: Med/Low

#43 Anurag Srivastava

Contact: Anurag Srivastava https://www.facebook.com/anurag424242 & Shubham Gupta https://www.facebook.com/shubham.hackers
Discovery: Clickjacking, Reports: 4, Complexity: Med/Low

#44 Somil Keswani

Contact: https://in.linkedin.com/pub/somil-keswani/23/879/15
Discovery: Clickjacking, Reports: 1, Complexity: Med/Low

#45 Kishan Sharma

Contact: thekishansharma@gmail.com
Discovery: Clickjacking, Reports: 3, Complexity: Med/Low

#46 Nitin Pandey

Contact: https://www.facebook.com/initinpandey
Discovery: Clickjacking, Reports: 1, Complexity: Med/Low

#47 Ashish Pathak

Contact: https://twitter.com/pathakbackz
Discovery: SQL, Reports: 1, Complexity: Med

#48 Aakash Shukla

Contact: https://www.facebook.com/TheAakashHacker
Discovery: Clickjacking, Reports: 1, Complexity: Med/Low

#49 Satyam Rastogi

Contact: facebook id - https://www.facebook.com/hackersatyamrastogi

Company - https://peripheralsecurityexperts.in

Discovery: Clickjacking, Reports: 2, Complexity: Med/Low

#50 Vikas Arora

Contact: www.vikasarora.org,www.facebook.com/vikas.arora.cto (RMAR Technologies Pvt ltd).L90
Discovery: OS Vulnerability, Reports: 7, Complexity: Low

#51 Sai Charan

Contact: Twitter: @charanmukkamala
Discovery: Cross Site Scripting, Reports: 2, Complexity: Medium/ Low

#52 Aamir Khan

Contact: Twitter: https://www.facebook.com/Aamir9795734
Discovery: Vulnerable Auth, Reports: 1, Complexity: Medium/ Low

#53 Asim Bilal

Contact: https://www.facebook.com/Asim.Bilal.Adil
Discovery: Page Error, Reports: 1, Complexity: Low

#54 Kamram Saifullah

Contact: kamransaifullah786@gmail.com
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#55 Russel Laurio

Contact: https://www.facebook.com/russelvan.l
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#56 Konduru Jashwanth

Contact: https://www.facebook.com/kondurujashwant
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#57 Ramin Farajpour Cami

Contact: Twitter: @MF4rr3ll
Discovery: Clickjacking, Reports: 2, Complexity: Medium/ Low

#58 Ayoub Ait Elmokhtar

Contact: https://www.facebook.com/abessadek
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#59 Deepak Kumar Nath

Contact: https://www.facebook.com/deepakkumar.nath0
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#60 SaifAllah benMassaoud

Contact: https://www.facebook.com/WhiteHatSecuri
Discovery: Vulnerable SSL, Reports: 1, Complexity: Medium/ Low

#61 Muhammed Gamal Fahmy

Contact: https://www.facebook.com/profile.php?id=646694111
Discovery:XSS, Reports: 1, Complexity: Medium/ Low

#62 Karthik Reddy Chinnaganta

Contact: https://www.facebook.com/karthikreddy29
Discovery: Clickjacking, Reports: 2, Complexity: Medium/ Low

#63 Sai Man

Contact: facebook.com/SaiManWebs
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#64 Mansouri Badis

Contact: https://www.facebook.com/el.cazad.39
Discovery: Various, Reports: 5, Complexity: Medium/ Low

#65 Nipun Somani

Contact: Facebook.com/nipunsomani
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#66 Aaditya Purani

Contact: https://twitter.com/aaditya_purani
Discovery: Clickjacking/ Poodle, Reports: 1, Complexity: Medium/ Low

#67 Ishwar Prasad

Contact: NIL
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#68 Ahmed Abdalla

Contact: https://www.facebook.com/mr.alexseve
Discovery: CSS/ Disclosure, Reports: 2, Complexity: Medium/ Low

#69 Jay Patel

Contact: https://www.facebook.com/jaypatel9717
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#70 Rui Silva

Contact: https://www.facebook.com/dreamzz.twp
Discovery: Redirect, Reports: 1, Complexity: Medium/ Low

#71 Pradeep Kumar

Contact: https://facebook.com/pradeepch99
Discovery: Poodle, Reports: 1, Complexity: Medium

#72 Sumit Sahoo

Contact: https://www.facebook.com/54H00
Discovery: Misconfiguration, Reports: 1, Complexity: Medium/ Low

#73 Michal Koczwara

Contact: https://uk.linkedin.com/in/michalkoczwara
Discovery: Poodle, Reports: 1, Complexity: Medium

#74 Shawar Khan

Contact: www.facebook.com/shawarkhanskofficial
Discovery: Poodle, Reports: 1, Complexity: Medium

#75 Lawrence Amer

Contact: https://facebook.com/lawrence.aamor
Discovery: CORS, Reports: 1, Complexity: Medium/ Low

#76 Harsh Rai

Contact: @harshthegreat92
Discovery: Poodle, Reports: 1, Complexity: Medium

#77 Nadi Abdellah

Contact: https://www.facebook.com/Fatality04
Discovery: Poodle, Reports: 1, Complexity: Medium

#78 Ashesh Kumar

Contact: facebook.com/ashesh1708
Discovery: SPF Protection, Reports: 1, Complexity: Medium/ Low

#79 Pratyush Anjan Sarangi

https://www.facebook.com/riozaki.sam
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#80 Muhammed Zeeshan

Contact: https://facebook.com/Zeeshan.1337
Discovery: Poodle, Reports: 1, Complexity: Medium

#81 Karim Rahal

Contact: https://twitter.com/KarimMTV
Discovery: Poodle, Reports: 1, Complexity: Medium

#82 Mohamed Nour

Contact: https://www.facebook.com/mohamed.zeus.0
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#83 Danyal Zafar

Contact: https://twitter.com/danyalzafar143
Discovery: Clickjacking, Reports: 4, Complexity: Medium/ Low

#84 Muhammad Abdullah

Contact: https://facebook.com/root.abdullah
Discovery: SMTP Vuln/ XSS, Reports: 2, Complexity: Medium/ Low

#85 Faisel Ahmed

Contact: https://www.facebook.com/Crystal.V1p3r
Discovery:Auth, Reports: 1, Complexity: Low

#86 Mandeep Jadon

Contact: https://www.facebook.com/mandeep.jadon.5
Discovery: Poodle, Information disclosure, Clickjacking, Reports: 14, Complexity: Medium

#87 Dhayalan B

Contact: https://www.facebook.com/dhayalanbalakrishnan
Discovery: Poodle, Reports: 1, Complexity: Medium

#88 Youssef Gad

Contact: https://www.facebook.com/Root.BR34K
Discovery:XSS, Reports: 1, Complexity: Medium/ Low

#89 Naveen Sihag

Contact: https://twitter.com/itsnaveensihag
Discovery:Auth Vuln, Reports: 1, Complexity: Medium/ Low

#90 Karim Mohamed

Contact: https://www.facebook.com/X.TiGeR.K
Discovery: XSS, Reports: 1, Complexity: Medium/ Low

#91 Muhammad Osama

Contact:https://www.facebook.com/profile.php?id=100001183774319
Discovery: Poodle, Reports: 1, Complexity: Medium

#92 Sushil Ram

Contact: https://www.facebook.com/gamersushil
Discovery: Clickjacking/ CSRF, Reports: 2, Complexity: Medium/ Low

#93 Ahmed Adel Abdelfattah

Contact:https://www.facebook.com/00SystemError00
Discovery: Poodle/ CSRF, Reports: 2, Complexity: Medium/ Low

#94 Kamran Saifullah

Contact: pk.linkedin.com/in/KamranSaifullah786
Discovery:Clickjacking, Reports: 1, Complexity: Medium/ Low

#95 Sandeep Sudhagani

Contact:https://www.facebook.com/sandeep.sudhagani
Discovery: Auth Vuln, Reports: 1, Complexity: Medium/ Low

#96 Mehmet Nurcan

Contact: https://www.facebook.com/mehsul
Discovery: XSS, Reports: 1, Complexity: Medium/ Low

#97 Rahul Bevinagidad

Contact: saimanaarkay@gmail.com
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#98 Ali Wamim Khan

Contact: Facebook.com/d4rkcod3
Discovery: Poodle, Reports: 1, Complexity: Medium/ Low

#99 Anre Manole

Contact: https://plus.google.com/+AndreiManoleSecuirity . GADGET?
Discovery: XSS, Reports: 1, Complexity: Medium/ Low

#100 Mohamed Khaled Fathy

Contact: squnity.com
Discovery: Information Leakage, Reports: 1, Complexity: Medium/ Low

#101 Mohammed El Bess

Contact: https://www.facebook.com/halbess
Discovery: XSS, Reports: 1, Complexity: Medium/ Low

#102 Aworunse Matthew Temmy

Contact: https://facebook.com/aaworunse
Discovery: SSL from unsecure page, Reports: 1, Complexity: Medium/ Low

#103 Daniyal Nasir

Contact: https://www.zetrew.com
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#104 Othmane Tamagart

Contact: www.facebook.com/0thm4n
Discovery: Poodle, Reports: 1, Complexity: Medium/ Low

#105 Florian Kunushevci

Contact: https://www.facebook.com/misteriozi.pirat.kwg
Discovery: Insecure Login, Reports: 1, Complexity: Medium/ Low

#106 Devrell Moirangthem

Contact: https://facebook.com/devrell.moirangthemii
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#107 Thiyam Suresh

Contact: https://facebook.com/thiyamsureshsingh
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#108 Muhammad Awais Noshashi

Contact: https://facebook.com/Xx.CyberSpy.xX
Discovery: server error, Reports: 1, Complexity: Low

#109 Ali Tabish

Contact: https://www.facebook.com/?q=#/tabish.ali.3701
Discovery: Clickjacking & HTTPS to HTTP, Reports: 2, Complexity: Medium/ Low

#110 Hamza Zulfiqar Bhatti

Contact: https://twitter.com/bhattihaxor
Discovery: Clickjacking & Session Overtake, Reports: 2, Complexity: Medium/ Low

#111 Jay Jani

Contact: https://www.facebook.com/janijay007
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#112 Vijith Pv

Contact: fb.com/vijithvellora
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#113 Jay Patel

Contact: https://facebook.com/jaypatel34
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#114 Armaan Pathan

Contact: https://facebook.com/armaan.pathan1
Discovery: Clickjacking & Auth Vuln, Reports: 2, Complexity: Medium/ Low

#115 Nikhil Mittal

Contact: https://twitter.com/nikhilmittal641
Discovery: Auth Vuln, SSL, Reports: 2, Complexity: Medium/ Low

#116 Gilal Mansoor

Contact: https://www.facebook.com/mansoor.gilal1
Discovery: Auth Vuln, Reports: 1, Complexity: Medium/ Low

#117 Waqar Vicky

Contact: https://twitter.com/nikhilmittal641
Discovery: Auth Vuln, SSL, Reports: 2, Complexity: Medium/ Low

#118 Sharan Kumar

Contact: https://m.facebook.com/sharzzs
Discovery: HTTP, Reports: 1, Complexity: Medium/ Low

#119 Alec Blance

Contact: www.facebook.com/alec.blance
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#120 Suresh Thiyam

Contact: https://facebook.com/thiyamsureshsingh
Discovery: Clickjacking, Reports: 2, Complexity: Medium/ Low

#121 Waqeeh Ul Hasan

Contact: https://twitter.com/alihasanghauri
Discovery: TLS, Reports: 1, Complexity: Medium/ Low

#122 Utsav Gupta

Contact: www.facebook.com/princerulez
Discovery: Session, Reports: 1, Complexity: Medium/ Low

#123 Yogendra Jaiswal

Contact: www.facebook.com/yj61194
Discovery: Session, HTTPS, Reports: 2, Complexity: Medium/ Low

#124 Arbin Godar

Contact: https://www.facebook.com/arbin.godar
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#125 Muhammad Uwais

Contact: https://www.facebook.com/Venom.Uwais
Discovery: Clickjacking, Reports: 1, Complexity: Medium/ Low

#126 Dawe Cameron

Contact: https://www.spam404.com/
Discovery: XSS, Reports: 1, Complexity: Medium/ Low

#127 Ye Yint

Contact: whatisyourbug@gmail.com
Discovery: TLS, Reports: 1, Complexity: Medium/ Low

#128 Nassim Bouali

Contact: derision.t@gmail.com
Discovery: XSS, Reports: 1, Complexity: Medium/ Low

#129 Nur A Alam Dipu

Contact: twitter.com/Dipu1A
Discovery: Under Investigation, Sever Error, Open-redirector, Reports: 3, Complexity: Medium/Low

#130 Arun Samuel

Contact: https://www.linkedin.com/in/arun-samuel-94351956/
Discovery: Private IP disclosure, Source code disclosure, Reports: 2, Complexity: Medium/ Low

This program crawled on the 2015-06-30 is sorted as cvd.

custhelp : Coordinated Vulnerability Disclosure Guidelines

Hall of Fame

Old Finds

FireBounty - Add your Vulnerability Disclosure Policy