11-06-2025, 05:23 PM
To submit a Severe Bug, please message us here directly. Other messages will be ignored.
Payouts:
Rewards depend on the severity and method of exploitation. For critical vulnerabilities such as SQL Injection (SQLi), Remote Code Execution (RCE), Authentication Bypass, and Critical XSS, payouts range from $500 to $1,000.
What We Do NOT Accept:
Payouts:
Rewards depend on the severity and method of exploitation. For critical vulnerabilities such as SQL Injection (SQLi), Remote Code Execution (RCE), Authentication Bypass, and Critical XSS, payouts range from $500 to $1,000.
What We Do NOT Accept:
- Minor UI issues or cosmetic bugs
- Low-risk XSS affecting only a single user without exposure of sensitive data
- Typos, grammatical errors, or non-critical functionality issues
- Bugs that require unrealistic conditions or extensive user interaction to exploit
- Provide a clear description of the vulnerability
- Include detailed steps to reproduce the issue
- Provide a proof-of-concept (PoC) safely, without targeting real users