17/10/2018

Dreamland

The family and seasonal store has a broad and diverse offer: from (outdoor) toys, multimedia and gifts, through school supplies and sports accessories, to children's bedrooms and decorative material. Dreamland inspires children from 0 to 14 years and their parents, family and friends, and encourages them to play together.

To make it even easier for online customers, Dreamland integrated its new webshop into its website in the fall of 2016. That makes online shopping even easier, improves online search results and brings more visitors to the site.

IMPORTANT: The websites Dreamland, Dreambaby and Collishop partially share the same codebase and can therefore contain common issues. If a specific issue has already been found on another one of these websites, it will be treated as a duplicate for this one.

We do not accept any kind of brute-forcing attacks on forms.

Only the web application running at the following URL is in scope: https://www.dreamland.be

General

  • Best practices concerns
  • Highly speculative reports about theoretical damage. Prove it and be concrete.
  • DDoS or any kind of brute-forcing attacks
  • Publicly accessible login panels
  • Reports that state that software is out of date/vulnerable without proven exploitable risks
  • Vulnerabilities as reported by automated tools without additional analysis as to how they're an issue in the context of our tool
  • Physical or social engineering attempts (this includes phishing attacks against employees)

Application

  • Stack trace information
  • Open redirects
  • XSS issues in non-current browsers (older than 3 versions)
  • Self-XSS that cannot be used to exploit other users (this includes having a user paste JavaScript into the browser console)
  • Cross-Site Request Forgery (CSRF) with minimal security implications (logout CSRF, etc.); only create/update and delete actions are interesting
  • Missing cookie flags on non-security-sensitive cookies
  • Missing security headers which do not present an immediate security vulnerability
  • Banner grabbing issues (figuring out what web server we use, etc.)
  • Clickjacking
  • Username/email enumeration via Login Page or Forgot Password error messages

Infrastructure

  • Open ports without an accompanying proof-of-concept demonstrating vulnerability
  • Recently disclosed 0-day vulnerabilities in commercial products where no patch or only a recent patch (< 2 weeks) is available. We need time to patch our systems just like everyone else - please give us 2 weeks before reporting these types of issues.
  • Weak SSL configurations and SSL/TLS scan reports (this means output from sites such as SSL Labs)

Exceptional: € 5.000 :

  • Remote Code Execution

Critical: € 2.500 :

  • Access to critical information of all customers

High: € 1.500 :

  • Stored XSS

Medium: € 500 :

  • Reflected Cross-Site scripting

Guidelines

  • Provide detailed but to-the-point reproduction steps
  • Include a clear attack scenario; a step-by-step guide in the PoC is highly appreciated
  • Abide by the "Colruyt Policy for investigation of security problems" set of rules
  • Please do NOT discuss bugs before they are fixed (including PoCs on YouTube and Vimeo)

FireBounty (c) 2015-2018