Banner object (1)

Hack and Take the Cash !

756 bounties in database
04/01/2019
CFP Time logo

CFP Time

Policy

Please note that this program does not offer rewards for bug submissions as CFP Time is just a small personal project.
This disclosure program is limited to assets in the scope found in the next section.

Scope

Scope is currently: https://www.cfptime.org __

Things To Look For

  • Web application vulnerabilities (Command Injection, SSRF, CSRF, XSS, etc)
  • Security misconfigurations
  • Suggested security improvements
  • Information leakage
  • Multi-byte/binary exploitation
  • Security header configurations
  • Etc...

Automated tools are tolerated for the moment as long as you do not cause network/service disruption for me or third-parties. Testing must not cause issues for other organisations such as hosting providers, network operators or ISPs.

Disclosure Policy

Let me know of any potential vulnerabilities as soon as possible and I will make every effort to resolve the issue quickly.
Share with me the full details of any vulnerability including steps to reproduce if applicable.
Provide me a reasonable amount of time to fix the issue before disclosure to the public or a third-party.
Try to avoid degradation of service, destruction of data or privacy violations.
I will make every effort to abide by HackerOne's disclosure guidelines: https://hackerone.com/disclosure-guidelines

Exclusions

While researching, please do not attempt the following:

  • Denial of service (DoS)
  • Spamming
  • Phishing
  • Spoofing or hijacking
  • Man in the Middle (MiTM) or interception
  • Attacks which require physical presence on the network of a user
  • Domain name hijacking or theft
  • Account hijacking or theft
  • Cybersquatting
  • Social engineering
  • Physical/real-life attacks
  • Anything that could falsely lower the reputation of me or my website
  • Anything that could falsely get me in trouble
  • Attacks on 3rd-party systems that are out of my general control

Rewards

Thank you shown at: https://hackerone.com/cfptime/thanks
Please note that this program does not provide monetary rewards for bug submissions.
Researchers who submit non-issues, false issues or purely opinion-based issues may not be thanked publicly.

Thank you for helping keep CFP Time safe and happy CFPing!

Thanks
Gift
Hall of Fame
Reward


List your Bug Bounty for free immediately!

Contact us if you want more information.

FireBounty (c) 2015-2019