Getting started
Learn about vulnerability types 
Getting started in bug bounties 
Test your knowledge
Free Web Application Challenges
BugBountyHunter Membership
Guides for your hunts 
ZSeano's Methodology
Effective Note Taking for bug bounties
Useful Resources 
Disclosed HackerOne Reports 
Our community
Endorsed Members
Hackevents 
Member Articles Bumble Program Statistics
5 total issues disclosed
$4,000 total paid publicly
Most disclosed (2 disclosures) — Violation of Secure Design Principles
Disclosed Reports
| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
|---|---|---|---|---|
| Exfiltrating a victim's exact location (to within 5m) | Information Disclosure | robertheaton | High | 2021-07-21 |
| Bumble API exposes read status of chat messages | Information Disclosure | ndrong | Medium | 2021-03-13 |
| On Singing up with a Phone number , The 4 digit OTP does not expires for a long time leading to an easy attack and make a verified account easilty | Violation of Secure Design Principles | godzkid | High | 2020-11-25 |
| Bruteforce password recovery code | Violation of Secure Design Principles | 0x3c3e | No rating | 2020-01-18 |
| CSRF bug | Cross-Site Request Forgery (CSRF) | dark_heaven | No rating | 2017-06-12 |