SignUp.com Responsible Disclosure Hall of Fame!
This page lists people who have had bugs accepted by SignUp.com's Responsible Disclosure Program. Their hard work is making the internet a safer place, thanks!
- Balvinder Singh (multiple bugs associated with authentication and authorization)
https://www.facebook.com/destroyerballi - Mostafa ElGamhody (XSS issue and API validation)
https://www.facebook.com/gamhody - Ahmed Abdalla Fathi (XSS issues)
link : https://www.fb.com/mr.alexseve - Pratyush Anjan Sarangi (XSS)
LinkedIn: https://in.linkedin.com/in/pratyush-anjan-sarangi-938411106 - Ali Hassan Ghori (SSL vulnerability)
Link: https://www.securitywall.co/ - Pflash Punk (XSS)
Link : https://twitter.com/PflashPunk
Company : blackroot.in - Virender C. Nishad (XSS)
official website : www.virender.in
company website : www.blackroot.in
facebook: https://www.facebook.com/Mr.7R1CK3R - Harsh Rai (Authentication issues)
Link : https://twitter.com/harshthegreat92 - Zee Shan (XSS)
Link: fb.com/zeex.zeeshan - Tayyab Qadir (XSS)
Link : https://www.facebook.com/tqMr.EditOr - Santhosh Kumar (XSS)
facebook: https://www.facebook.com/mr.idiot21 - Muhammad Zeeshan (XSS)
facebook: facebook.com/zeeshan.1337 - G.Manideep (XSS)
twitter @Mani0x00 - Muhammad Uwais (amazon s3 permissions)
facebook : https://www.facebook.com/Venom.Uwais - Muhammad Amr Nasef (png upload xss)
twitter @C4U53 - Arbin Godar (Text injection, CSRF)
Profile: https://www.facebook.com/arbin.godar - Konduru Jashwanth (Self XSS)
Linkedin : https://www.linkedin.com/in/kondurujashwanth - Roy Jansen (Stored XSS)
LinkedIn: https://www.linkedin.com/in/royjansen01 - Manuel Eve A. Laude (Stored XSS)
facebook: https://www.facebook.com/0x6576652061757374726961206c61756465 - Rico A. Silvallana (CSRF)
facebook: https://facebook.com/yslvlln - Jolan Saluria (Open Relay)
facebook: https://www.facebook.coom/jlnslr - Harry M. Gertos (subdomain takeover)
Twitter: @GertyBoy27
Website: https://www.harrymginfosec.com - Vikash Chaudhary CEO & Founder at HackersEra Cyber Security Consultancy PVT LTD (XSS)
LinkedIn: https://www.linkedin.com/in/offensivehunter/ - Rewanth Cool (HTTP header forgery)
Website: https://twitter.com/Rewanth_Cool - Shivam Kamboj Dattana (Session management)
Twitter: https://twitter.com/Sechunt3r - Ari Apridana (Facebook login impersonation)
LinkedIn: https://www.linkedin.com/in/ariapridana - Somesh Sanjay Rasal (Authentication failure rate limit)
LinkedIn: https://www.linkedin.com/in/somesh-rasal/ - Victor Petrescu (S3 bucket security)
Twitter: @VictorPetrescu - Vijay Shankar Tikudave (reset password security issues)
Linkedin: https://www.linkedin.com/in/vijay-tikudave-997993130 - Bishal Shrestha(विशाल श्रेष्ठ) (Angular injection, CSRF, XSS, and text injection, whew!)
https://m.facebook.com/therbish4l - Tushar Rawool (Google Login validation)
- ElMahdi Mrhassel (Image upload permissions)
https://www.facebook.com/goku0x - ManhNho (change password link vulnerability)
https://facebook.com/aviciiCloud - Shivam Pawar (change password rate limit)
https://www.linkedin.com/in/shivampawar/ - Sundar Lal Baror (comment delete permissions)
https://www.facebook.com/sundar.baror - David Cian (IDOR)
https://davidcian.com - d3vpoo1 (API issue - IDOR)
https://gitlab.com/jrckmcsb/ - Yash Koradia (exif stripping)
https://www.linkedin.com/in/yash-koradia-b23101171/ - Tom Knabe (missed redaction for PII)
https://tomknabe.com/ - Richie from ZYB (reflected XSS)
https://www.zyb.ae - Fani Malik (CORS misconfiguration)
https://twitter.com/fanimalikhack - Kabeer Saxena (reflected XSS)
https://www.linkedin.com/in/kabeersaxena/ - Shreyas Ghevariya (mixed content warnings)
https://www.linkedin.com/in/shreyas-ghevariya-752b96227/ - Nikhil Rane (link injection on user profile edit)
https://www.linkedin.com/in/nikhil-rane-31733a217 - Corrie Sloot (subdomain takeover)
https://www.linkedin.com/in/corriesloot/ - Shivam Sharma (Password Length Bypass)
https://www.linkedin.com/in/shivam-sharma-547061228 - Vijay Vilas Sutar (Reflected XSS)
https://www.linkedin.com/in/vijay-sutar-444b9a81 - Vaibhav Itankar (Clickjacking)
https://twitter.com/vaibhav_4211 - Mesum Raza (Rate limit bypass on Reset Password, Mass Account Password Reset)
https://www.linkedin.com/in/mesum-raza-471651234 - V Shashank (Password Reset Token Invalidation)
https://www.linkedin.com/in/shashankvenkat
This web site (“Site”) is owned and operated by VolunteerSpot, Inc., dba, Signup.com.
