Banner object (1)

Hack and Take the Cash !

800 bounties in database
  Back Link to program      
20/09/2018
PlanetHoster logo
Thanks
Gift
Hall of Fame
Reward

Reward

200 $ 

In Scope

Scope Type Scope Name
web_application www.planethoster.com
web_application my.planethoster.com
web_application world.planethoster.net
web_application api.planethoster.net

PlanetHoster

PlanetHoster offers premium Web Hosting Solutions: Shared Hosting World Platform, Reseller solution Multi-World and Dedicated Server HybridCloud.

Payment Testing Credit: Each researcher account contains €100 of credit to buy PlanetHoster products for testing. If you run out of testing credit, please email support@bugcrowd.com.


Ratings/Rewards

For the initial prioritization/rating of findings, this program will use theBugcrowd Vulnerability Rating Taxonomy. However, it is important to note that in some cases a vulnerability priority will be modified due to its likelihood or impact. In any instance where an issue is downgraded, a full, detailed explanation will be provided to the researcher - along with the opportunity to appeal, and make a case for a higher priority.

Reward Range

Last updated 24 Aug 2018 22:51:26 UTC

Technical severity | Reward range
---|---
p1 Critical | $2,000 - $2,500
p2 Severe | $1,250 - $1,750
p3 Moderate | $750 - $1,000
p4 Low | $200 - $500

P5 submissions do not receive any rewards for this program.

Targets

In scope

Target name | Type
---|---
www.planethoster.com | Website
my.planethoster.com | Website
world.planethoster.net | Website
api.planethoster.net | API

Any domain/property of PlanetHoster not listed in the targets section is out of scope. This includes any/all subdomains not listed above.


Access/Credentials

Each researcher will be given one test account. Please do not change your test email address as this would put you out of compliance with our program. This will be verified during report submission. To obtain credentials, scroll to the bottom of this brief and click the Get Credentials button.

Account Credit

  • The accounts are pre-loaded with €100 of credit to test purchasing and payments on the PlanetHoster platform. You should be supplied with enough credit to fully test the web application, but if you need more credit, please reach out to support@bugcrowd.com with your reason for needing additional credit.

Navigating to world.planethoster.net

Get Your Login Details: Log in to your account and navigate to My Services and select "WORLD" under Product/Service.
Log Into world.planethoster.net: navigate to and input your provided credentials.


API

API Documentation & Setup

PlanetHoster API Docs

Base URLs for PlanetHoster's Rest APIs

  • Domain API (https://api.planethoster.net/reseller-api/)
  • World API - (https://api.planethoster.net/world-api/)

Whitelist IP for API Access

Once signed into the PlanetHoster web portal, to use the API, please whitelist your IP here: Domain Reseller API - Account Info page (or look under the "Domain API" tab of the PlanetHoster Platform). This will allow you to access and use the PlanetHoster API.


Focus Areas

  • Domain Names, DNS Management, Order form.
  • Access to other users' accounts / information.
  • Information that should not be available.
  • User passwords.
  • World hosting panel.

Out-of-Scope

  • Automated testing on Support channels.

Program rules

This program follows Bugcrowd’s standard disclosure terms.

This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.

FireBounty © 2015-2019

Legal notices