Program stats

93 vulnerabilities rewarded

Latest hall of famers

Recently joined this program

OnePageCRM converts leads to customers fast. It does it in a beautiful user experience on one, simple, dashboard


Out of Scope Targets

Please sign up to OnePageCRM with an address in the format

Out of Scope Bugs
• Banner/version disclosure
• DDOS attacks
• CRIME/BEAST attacks
• Social Engineering
• Brute force password cracking
• Issues that cannot be reproduced
• Username enumeration
• Previously reported bugs
• Bugs specific to unsupported browsers/plugins
• Bugs that rely on impractical user action
• Logout cross-site request forgery
• URL redirection
• Cross-Site Scripting (XSS)

Focus Areas:
• Cross-Site Request Forgery (CSRF/XSRF)
• Broken Authentication
• Remote Code Execution
• Privilege Escalation


This program follows Bugcrowd’s standard disclosure terms.

This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.

This bounty requires explicit permission to disclose the results of a submission.