• $200 – $2,500 per vulnerability
  • Partial safe harbor
  • Managed by Bugcrowd

Program stats

83 vulnerabilities rewarded

Validation within 2 days
75% of submissions are accepted or rejected within 2 days

$1,250 average payout (last 3 months)

Latest hall of famers

Recently joined this program


Please note: This program does not allow disclosure. You may not release information about vulnerabilities found in this program to the public.

PlanetHoster offers premium Web Hosting Solutions: Shared Hosting World Platform, Reseller solution Multi-World and Dedicated Server HybridCloud.

Payment Testing Credit: Each researcher account contains €100 of credit to buy PlanetHoster products for testing. If you run out of testing credit, please email


For the initial prioritization/rating of findings, this program will use the Bugcrowd Vulnerability Rating Taxonomy. However, it is important to note that in some cases a vulnerability priority will be modified due to its likelihood or impact. In any instance where an issue is downgraded, a full, detailed explanation will be provided to the researcher - along with the opportunity to appeal, and make a case for a higher priority.

Reward range

Last updated

Technical severity Reward range
p1 Critical $2,000 - $2,500
p2 Severe $1,250 - $1,750
p3 Moderate $750 - $1,000
p4 Low $200 - $500
P5 submissions do not receive any rewards for this program.


In scope

Target name Type Tags Website Testing
  • Bootstrap
  • Laravel
  • jQuery
  • PHP
  • Website Testing Website Testing
  • Bootstrap
  • Ruby on Rails
  • jQuery
  • nginx
  • Ruby
  • Website Testing Website Testing
  • jQuery
  • Zone.js
  • Angular
  • nginx
  • Website Testing API Testing
  • jQuery
  • API Testing
  • HTTP Website Testing
  • nginx
  • Website Testing

Any domain/property of PlanetHoster not listed in the targets section is out of scope. This includes any/all subdomains not listed above.


Each researcher will be given one test account. Please do not change your test email address as this would put you out of compliance with our program. This will be verified during report submission. To obtain credentials, scroll to the bottom of this brief and click the Get Credentials button.

Account Credit

  • The accounts are pre-loaded with €100 of credit to test purchasing and payments on the PlanetHoster platform. You should be supplied with enough credit to fully test the web application, but if you need more credit, please reach out to with your reason for needing additional credit.

Navigating to

Get Your Login Details: Log in to your account and navigate to My Services and select "WORLD" under Product/Service.
Log Into navigate to and input your provided credentials.


API Documentation & Setup

PlanetHoster API Docs

Base URLs for PlanetHoster's Rest APIs

Whitelist IP for API Access

Once signed into the PlanetHoster web portal, to use the API, please whitelist your IP here: Domain Reseller API - Account Info page (or look under the "Domain API" tab of the PlanetHoster Platform). This will allow you to access and use the PlanetHoster API.

Focus Areas

  • Domain Names, DNS Management, Order form.
  • Access to other users' accounts / information.
  • Information that should not be available.
  • User passwords.
  • World hosting panel.


  • Any type of DDoS or DoS attacks - remember you are testing on production.
  • Automated testing on Support channels.

Program rules

This program follows Bugcrowd’s standard disclosure terms.

This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.