Getting started
Learn about vulnerability types 
Getting started in bug bounties 
Test your knowledge
Free Web Application Challenges
BugBountyHunter Membership
Guides for your hunts 
ZSeano's Methodology
Effective Note Taking for bug bounties
Useful Resources 
Disclosed HackerOne Reports 
Our community
Endorsed Members
Hackevents 
Member Articles Clario Program Statistics
6 total issues disclosed
$1,750 total paid publicly
Most disclosed (1 disclosures) — Denial of Service
Disclosed Reports
| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
|---|---|---|---|---|
| rXSS on https://mackeeperapp.mackeeper.com/landings/download-blue/ | Cross-site Scripting (XSS) - Reflected | trungnd95 | Low | 2021-06-30 |
| Cookie injection leads to complete DoS over whole domain *.mackeeper.com. Injection point accountstage.mackeeper.com/ | Denial of Service | mayurudiniya | Low | 2020-10-21 |
| Local Privilege escalation to root via XPC | Privilege Escalation | r3ggi-on-h1 | High | 2020-06-14 |
| Bypass front server restrictions and access to forbidden files and directories through X-Rewrite-Url/X-original-url header on account.mackeeper.com | Misconfiguration | rumiljonov | Medium | 2020-05-15 |
| IDOR at https://account.mackeeper.com/at/load-reports/profile/<profile_id> leaks information about devices/licenses | Insecure Direct Object Reference (IDOR) | m4ii0k | Medium | 2020-05-15 |
| Account verification bypass on translate.kromtech.com | Authentication Bypass Using an Alternate Path or Channel | rumiljonov | Medium | 2020-05-05 |