Facebook
Club StravaHall of Fame
While no Bug Bounty Reward Program is currently in place for this site, I would like to express my gratitude and recognition to researchers who have helped make this site safer.- Jan '25 : Rivek Tamang editable document found in published content by a club.
- Jan '25 : Pallavi Pandey clickjacking vulnerability
- Oct '24 : Akhil C.D. Open redirection issue (minor)
- Oct '24 : Parth Narula phpBB issues.
- Sep '24 : Gaurang Maheta discovery of an info vulnerability
- Apr '23 : Nguyen Khanh Thuan (VNCS GLOBAL VIET NAM) discovery of XSS vulnerability
- Jan '23 : Nguyen Hoang Quoc An (HTC Global VietNam) -- Discovery of XSS vulnerability
- Jan '23 : Nguyen Phu Hung -- Directory Listings
- Oct '22 : Gaurang Maheta pointed to an outdated server config used for backup.
- Feb '22 : Ravi Prajapati (LinkedIn, OpenBounty)-- Discovery of XSS vulnerability
- Feb '22 : Sainath -- Discovery of XSS vulnerability
- Feb '22 : Chirag Prajapati, Cybertix -- Discovery of XSS vulnerability
- Feb '22 : Shivam Khambe & Mayank Mukhi -- Discovery of general clickjacking vulnerability
- Feb '22 : Shivam Khambe -- Discovery of lack of configuration to reduce risk of email spoofing (SPF)
- Feb '22 : Omkar Korekar -- Discovery of files exposing some server configuration information
All security issues may be reported to Thierry Sourbier : webmaster@onlinetri.com