OnePageCRM
Super easy online sales CRM for small business
Points per vulnerability
Program stats
94 vulnerabilities rewarded
Latest hall of famers
Recently joined this program
OnePageCRM converts leads to customers fast. It does it in a beautiful user experience on one, simple, dashboard
Targets
Out of Scope Targets
dev.onepagecrm.com
blog.onepagecrm.com
forum.developer.onepagecrm.com
www.onepagecrm.com
staging.onepagecrm.com
Please sign up to OnePageCRM with an address in the format name+bugcrowd@example.com
Out of Scope Bugs
• Banner/version disclosure
• DDOS attacks
• CRIME/BEAST attacks
• Social Engineering
• Brute force password cracking
• Issues that cannot be reproduced
• Username enumeration
• Previously reported bugs
• Bugs specific to unsupported browsers/plugins
• Bugs that rely on impractical user action
• Logout cross-site request forgery
• URL redirection
• Cross-Site Scripting (XSS)
Focus Areas:
• Cross-Site Request Forgery (CSRF/XSRF)
• Broken Authentication
• Remote Code Execution
• Privilege Escalation
Rules
This program follows Bugcrowd’s standard disclosure terms.
This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.
This bounty requires explicit permission to disclose the results of a submission.