BUGemot

Vulnerability Disclosure and Reward Program

Founded vulnerabilities

BUG-254
Variable manipulation, ticket price can be changed

22 June 2017

BUG-253
Update User information

22 June 2017

BUG-252
Stored XSS on registration

22 June 2017

BUG-251
Bypass user login

21 June 2017

BUG-250
XSS in Search

19 June 2017

BUG-249
XSS in Search

02 June 2017

BUG-248
Directory Traversal

30 May 2017

BUG-247
XSS on Search page

30 May 2017

BUG-246
Errors

13 May 2017

BUG-245
XSS on site

16 April 2017

BUG-243
SQL İnjection

15 April 2017

BUG-242
All database

15 April 2017

BUG-241
reading phpinfo()

15 April 2017

BUG-240
XSS on website

13 April 2017

BUG-239
Information about folder

07 April 2017

BUG-238
MySQL error seen

03 April 2017

BUG-237
XSS on Search

03 April 2017

BUG-233
SQL Injection

18 March 2017

BUG-232
SQL Injection bug

18 March 2017

BUG-231
sql injection and admin page bypass

03 March 2017

BUG-229
XSS

27 February 2017

BUG-228
Sensitive data

27 February 2017

BUG-227
XSS

27 February 2017

BUG-226
SQL injection

27 February 2017

BUG-224
SQL injection

27 February 2017

BUG-223
Sensitive information

27 February 2017

BUG-222
XSS

27 February 2017

BUG-221
SQL injection

19 February 2017

BUG-220
Admin page Bypass and Sql injection

19 February 2017

BUG-218
Admin Page Bypass

18 February 2017

BUG-217
XSS

16 February 2017

BUG-216
admin page bypass + shell upload

15 February 2017

BUG-215
News portal sql injection

15 February 2017

BUG-213
Information about folder

29 January 2017

BUG-212
News Agency

19 January 2017

BUG-211
XSS

18 January 2017

BUG-210
XSS in search

12 January 2017

BUG-208
Blind SQL Injection

11 January 2017

BUG-207
Cross site scripting

11 January 2017

BUG-206
Weakness on Web Server

11 January 2017

BUG-205
XSS

08 January 2017

BUG-204
XSS

08 January 2017

BUG-203
Blind Sql

07 January 2017

BUG-202
XSS - CSS

03 January 2017

BUG-201
File inclusion vulnerability

03 January 2017

BUG-200
Reflected XSS Vulnerability

02 January 2017

BUG-199
SQL injection

01 January 2017

BUG-198
Wordpress + SQL injection + shell

01 January 2017

BUG-197
Blind SQL Injection

29 December 2016

BUG-196
SQL injection

24 December 2016