Log in
Vulnerability | Reward amount |
---|---|
Remote code execution (RCE) | $6000 — $20000 |
Local files access и другое. (LFR, RFI, XXE) | $2000 — $12000 |
Injections | $2000 — $12000 |
SSRF | $2000 — $8000 |
SSRF, blind | $600 — $3000 |
Memory leaks / IDORs / Disclosure of protected personal data or sensitive user information | $400 — $7000 |
Cross-Site Scripting (XSS) except self-XSS and *.yandex.net | $400 — $3000 |
Cross-Site Request Forgery (СSRF, Flash crossdomain requests, CORS) | $200 — $2000 |
Other confirmed vulnerabilities | based on impact |
Different fraud methods | $300 — $3000 |