Banner object (1)

Hack and Take the Cash !

661 bounties in database
20/09/2018

Reward

200 $ 

PlanetHoster

PlanetHoster offers premium Web Hosting Solutions: Shared Hosting World Platform, Reseller solution Multi-World and Dedicated Server HybridCloud.

Payment Testing Credit: Each researcher account contains €100 of credit to buy PlanetHoster products for testing. If you run out of testing credit, please email support@bugcrowd.com.


Ratings/Rewards

For the initial prioritization/rating of findings, this program will use theBugcrowd Vulnerability Rating Taxonomy. However, it is important to note that in some cases a vulnerability priority will be modified due to its likelihood or impact. In any instance where an issue is downgraded, a full, detailed explanation will be provided to the researcher - along with the opportunity to appeal, and make a case for a higher priority.

Reward Range

Last updated 24 August 2018 22:51:26 UTC

Technical severity | Reward range
---|---
p1 Critical | $2,000 - $2,500
p2 Severe | $1,250 - $1,750
p3 Moderate | $750 - $1,000
p4 Low | $200 - $500

P5 submissions do not receive any rewards for this program.

Targets

In scope

Target name | Type
---|---
www.planethoster.com | Website
my.planethoster.com | Website
world.planethoster.net | Website
api.planethoster.net | API

Any domain/property of PlanetHoster not listed in the targets section is out of scope. This includes any/all subdomains not listed above.


Access/Credentials

Each researcher will be given one test account. Please do not change your test email address as this would put you out of compliance with our program. This will be verified during report submission. Please also follow the guide below to obtain credentials.

1.) To request access to the program, first log into your Bugcrowd researcher account.

  • Current Researchers can log in here: https://bugcrowd.com/user/sign_in.
  • New researchers can sign up here: https://bugcrowd.com/user/sign_up.

2.) Once signed in, please email support@bugcrowd.com to request credentials.

  • Please use the subject line '@@@@PlanetHoster Credential Request@@@@'.

3.) Bugcrowd will distribute your access code as quickly as possible.

  • You will be provided unique credentials for PlanetHoster.
  • Please allow 24 business hours (PST) for your access to be granted.

Account Credit

  • The accounts are pre-loaded with €100 of credit to test purchasing and payments on the PlanetHoster platform. You should be supplied with enough credit to fully test the web application, but if you need more credit, please reach out to support@bugcrowd.com with your reason for needing additional credit.

Navigating to world.planethoster.net

Get Your Login Details: Log in to your account and navigate to My Services and select "WORLD" under Product/Service.
Log Into world.planethoster.net: navigate to and input your provided credentials.


API

API Documentation & Setup

PlanetHoster API Docs

Whitelist IP for API Access

Once signed into the PlanetHoster web portal, to use the API, please whitelist your IP here: Domain Reseller API - Account Info page (or look under the "Domain API" tab of the PlanetHoster Platform). This will allow you to access and use the PlanetHoster API.


Focus Areas

  • Domain Names, DNS Management, Order form.
  • Access to other users' accounts / information.
  • Information that should not be available.
  • User passwords.
  • World hosting panel.

Out-of-Scope

  • Automated testing on Support channels.

Program rules

This program follows Bugcrowd’s standard disclosure terms.

This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.

Thanks
Gift
Hall of Fame
Reward


List your Bug Bounty for free immediately!

Contact us if you want more information.

FireBounty (c) 2015-2018