Security Bug BountyKnow a vulnerability? Report and get a reward!
We prepared an awesome rewards for every hacker, who report a vulnerability bug to us. The purpose of the this program is to quickly discover any vulnerabilities that exist in the RoyalSSL service, and provide our users the most secure service possible.
Bug Bounty Program Rules
- Cross-Site Scripting (XSS)
- Remote Code Execution (RCE)
- Server-Side Request Forgery (SSRF)
- SQL Injection
- Encryption Break
- Authentication Bypass
- Sensitive Information leaks or disclosure
- Payment manipulation
Web Application Firewall
- Denial of service
- Social engineering
- Brute Force attacks
- Cookie attributes not set/Secure flag issues
- Missing SPF records
API & API key related bugs
How to report a bug?
- Send the bug report to firstname.lastname@example.org, join us on hackerone or use our online form.
- The reports have to be submitted in English.
- Include as much information in your report as you can, including a description of the bug, its potential impact, and steps for reproducing it or proof of concept.
- We will contact you back as soon as possible. In the meanwhile we evaluate your report and get back to you with more information.
|Cross-Site Scripting (XSS)||Ability to hijack a session or execute scripts through an XSS attack||€ 25,00|
|Security misconfiguration||Description||€ 50,00|
|SQL-Injection||Ability to access private information through an SQL injection attack||€ 1,000|
Wall of FameWe would like to thank all our contributors through this wall of fame
|1||John Cena||Cross-Site Scripting (XSS) / Security misconfiguration|
|2||John Travolta||Cross-Site Scripting (XSS) / Security misconfiguration|
|3||John Doe||Cross-Site Scripting (XSS) / Security misconfiguration|