CCM Benchmark Group is a french online media. We run a network with more than 40 sites in 13 languages, about high-tech, news, health, economy and more. We have more than 50 millions of visitors monthly.
Even if don’t store any serious personal info, we take the security very seriously. That’s the reason we are trying to challenge our code and want to reinforce our practices.
The current program is about our app “restaurant” on our website www.linternaute.com.
The scope of this program includes the following url :
If you believe you have discovered a security vulnerability in a CCM Benchmark website, please report it with a thorough explanation of the vulnerability. Please remember to include full details of the security issue, including Proof-of-Concept URL, the details of the system where the tests were conducted when needed and detailed reproduction steps. Your report must be reproducible to be considered as valid.
On April 23rd and May 7th, France will elect its new President. As this is a very important topic for linternaute.com, the program will be suspended between Friday 21th of April and Monday 24th of April and again between Friday 5th of May and Tuesday 9th of May. No test is allowed during the program suspension, for stability reasons. Of course this will not impact any issue you submitted.
The following vulnerabilities are excluded of all our programs:
CCM Benchmark Group will give some rewards at our discretion for a serious and reproductible vulnerability. You are responsible for any applicable taxes associated with any reward you receive. Any report that result in a change on our codebase will be rewarded, at minimum, by a 50€ reward and a Hall of Fame recognition.
Please note that we may modify the terms of this program or terminate it at any time.
2017-04-24: re-opening of program and scope modifications (switch from exclude to include ;) )
Contact us if you want more information.