Report Email Alerts Full Disclosure: 23347 vulnerabilities, 4301 fixed
Open Bug Bounty: 2390 coordinated disclosures
20949 vulnerable websites, 3766 VIP websites
529 security researchers, 1135 notification subscribers

Top Alexa Rank Websites

baidu.com vulnerability
Full Disclosure by Brute Twitter: @brutelogic
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 1474
Approved XSS vulnerabilities on VIP websites: 485

amazon.com vulnerability
Full Disclosure by MLT Twitter: @ret2libc
Position in TOP-50 XSS Researchers: 4
Position in TOP-50 VIP XSS Researchers: 14
Approved XSS vulnerabilities: 1080
Approved XSS vulnerabilities on VIP websites: 97

taobao.com vulnerability
Full Disclosure by wangjing

linkedin.com vulnerability
Full Disclosure by Brute Twitter: @brutelogic
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 1474
Approved XSS vulnerabilities on VIP websites: 485

tmall.com vulnerability
Full Disclosure by Buglloc

yandex.ru vulnerability
Full Disclosure by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1197
Approved XSS vulnerabilities on VIP websites: 401

bing.com vulnerability
Full Disclosure by MLT Twitter: @ret2libc
Position in TOP-50 XSS Researchers: 4
Position in TOP-50 VIP XSS Researchers: 14
Approved XSS vulnerabilities: 1080
Approved XSS vulnerabilities on VIP websites: 97

amazon.co.jp vulnerability
Full Disclosure by MLT Twitter: @ret2libc
Position in TOP-50 XSS Researchers: 4
Position in TOP-50 VIP XSS Researchers: 14
Approved XSS vulnerabilities: 1080
Approved XSS vulnerabilities on VIP websites: 97

ask.com vulnerability
Full Disclosure by SymbianSyMoh

microsoft.com vulnerability
Full Disclosure by E1337

imgur.com vulnerability
Full Disclosure by MLT Twitter: @ret2libc
Position in TOP-50 XSS Researchers: 4
Position in TOP-50 VIP XSS Researchers: 14
Approved XSS vulnerabilities: 1080
Approved XSS vulnerabilities on VIP websites: 97

imdb.com vulnerability
Full Disclosure by K3N4NGM5 Twitter: @K3N4NGM5
Position in TOP-50 XSS Researchers: 13
Position in TOP-50 VIP XSS Researchers: 9
Approved XSS vulnerabilities: 1143
Approved XSS vulnerabilities on VIP websites: 463

craigslist.org vulnerability
Full Disclosure by xsscrapy

amazon.de vulnerability
Full Disclosure by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1197
Approved XSS vulnerabilities on VIP websites: 401

xhamster.com vulnerability
Full Disclosure by Nasrul07 Twitter: @nasrulseven
Position in TOP-50 XSS Researchers: 25
Position in TOP-50 VIP XSS Researchers: 12
Approved XSS vulnerabilities: 329
Approved XSS vulnerabilities on VIP websites: 186

bbc.co.uk vulnerability
Full Disclosure by SecBit

amazon.co.uk vulnerability
Full Disclosure by MLT Twitter: @ret2libc
Position in TOP-50 XSS Researchers: 4
Position in TOP-50 VIP XSS Researchers: 14
Approved XSS vulnerabilities: 1080
Approved XSS vulnerabilities on VIP websites: 97

espn.go.com vulnerability
Full Disclosure by Brute Twitter: @brutelogic
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 1474
Approved XSS vulnerabilities on VIP websites: 485

pornhub.com vulnerability
Full Disclosure by Buglloc

amazon.cn vulnerability
Full Disclosure by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1197
Approved XSS vulnerabilities on VIP websites: 401

ebay.de vulnerability
Full Disclosure by Tactic4l

TOP XSS Researchers

en4rab
Reported 254 vulnerable websites

en4rab
Reported 32 vulnerable websites

ZxX
Reported 9 vulnerable websites

XSStential
Reported 2 vulnerable websites

V1RUS4
Reported 925 vulnerable websites

en4rab
Reported 835 vulnerable websites

watt
Reported 689 vulnerable websites

Rahuldk
Reported 334 vulnerable websites

Latest Submissions

elcomercio.pe
Posted by B4rt Twitter: @bl00dy_B4rt
Position in TOP-50 XSS Researchers: 35
Position in TOP-50 VIP XSS Researchers: 25
Approved XSS vulnerabilities: 290
Approved XSS vulnerabilities on VIP websites: 198
15/07/2015

elcomercio.pe
XSS by B4rt Twitter: @bl00dy_B4rt
Position in TOP-50 XSS Researchers: 35
Position in TOP-50 VIP XSS Researchers: 25
Approved XSS vulnerabilities: 290
Approved XSS vulnerabilities on VIP websites: 198
15/07/2015

elcomercio.pe
XSS by B4rt Twitter: @bl00dy_B4rt
Position in TOP-50 XSS Researchers: 35
Position in TOP-50 VIP XSS Researchers: 25
Approved XSS vulnerabilities: 290
Approved XSS vulnerabilities on VIP websites: 198
15/07/2015

elcomercio.pe
XSS by B4rt Twitter: @bl00dy_B4rt
Position in TOP-50 XSS Researchers: 35
Position in TOP-50 VIP XSS Researchers: 25
Approved XSS vulnerabilities: 290
Approved XSS vulnerabilities on VIP websites: 198
15/07/2015

elcomercio.pe
XSS by B4rt Twitter: @bl00dy_B4rt
Position in TOP-50 XSS Researchers: 35
Position in TOP-50 VIP XSS Researchers: 25
Approved XSS vulnerabilities: 290
Approved XSS vulnerabilities on VIP websites: 198
15/07/2015

elcomercio.pe
XSS by B4rt Twitter: @bl00dy_B4rt
Position in TOP-50 XSS Researchers: 35
Position in TOP-50 VIP XSS Researchers: 25
Approved XSS vulnerabilities: 290
Approved XSS vulnerabilities on VIP websites: 198
15/07/2015

elcomercio.pe
XSS by B4rt Twitter: @bl00dy_B4rt
Position in TOP-50 XSS Researchers: 35
Position in TOP-50 VIP XSS Researchers: 25
Approved XSS vulnerabilities: 290
Approved XSS vulnerabilities on VIP websites: 198
15/07/2015

elcomercio.pe
XSS by B4rt Twitter: @bl00dy_B4rt
Position in TOP-50 XSS Researchers: 35
Position in TOP-50 VIP XSS Researchers: 25
Approved XSS vulnerabilities: 290
Approved XSS vulnerabilities on VIP websites: 198
15/07/2015

elcomercio.pe
XSS by B4rt Twitter: @bl00dy_B4rt
Position in TOP-50 XSS Researchers: 35
Position in TOP-50 VIP XSS Researchers: 25
Approved XSS vulnerabilities: 290
Approved XSS vulnerabilities on VIP websites: 198
15/07/2015

elcomercio.pe
XSS by B4rt Twitter: @bl00dy_B4rt
Position in TOP-50 XSS Researchers: 35
Position in TOP-50 VIP XSS Researchers: 25
Approved XSS vulnerabilities: 290
Approved XSS vulnerabilities on VIP websites: 198
15/07/2015

elcomercio.pe
XSS by B4rt Twitter: @bl00dy_B4rt
Position in TOP-50 XSS Researchers: 35
Position in TOP-50 VIP XSS Researchers: 25
Approved XSS vulnerabilities: 290
Approved XSS vulnerabilities on VIP websites: 198
15/07/2015

elcomercio.pe
XSS by B4rt Twitter: @bl00dy_B4rt
Position in TOP-50 XSS Researchers: 35
Position in TOP-50 VIP XSS Researchers: 25
Approved XSS vulnerabilities: 290
Approved XSS vulnerabilities on VIP websites: 198
15/07/2015

shop.mango.com
XSS by K3N4NGM5 Twitter: @K3N4NGM5
Position in TOP-50 XSS Researchers: 13
Position in TOP-50 VIP XSS Researchers: 9
Approved XSS vulnerabilities: 1143
Approved XSS vulnerabilities on VIP websites: 463
05/08/2015

rachaelraymag.com
XSS by dim0k Twitter: @d1m0ck
Position in TOP-50 XSS Researchers: 7
Position in TOP-50 VIP XSS Researchers: 4
Approved XSS vulnerabilities: 1079
Approved XSS vulnerabilities on VIP websites: 568
05/08/2015

shop.mango.com
XSS by K3N4NGM5 Twitter: @K3N4NGM5
Position in TOP-50 XSS Researchers: 13
Position in TOP-50 VIP XSS Researchers: 9
Approved XSS vulnerabilities: 1143
Approved XSS vulnerabilities on VIP websites: 463
05/08/2015

shop.mango.com
XSS by K3N4NGM5 Twitter: @K3N4NGM5
Position in TOP-50 XSS Researchers: 13
Position in TOP-50 VIP XSS Researchers: 9
Approved XSS vulnerabilities: 1143
Approved XSS vulnerabilities on VIP websites: 463
05/08/2015

shop.mango.com
XSS by K3N4NGM5 Twitter: @K3N4NGM5
Position in TOP-50 XSS Researchers: 13
Position in TOP-50 VIP XSS Researchers: 9
Approved XSS vulnerabilities: 1143
Approved XSS vulnerabilities on VIP websites: 463
05/08/2015

shop.mango.com
XSS by K3N4NGM5 Twitter: @K3N4NGM5
Position in TOP-50 XSS Researchers: 13
Position in TOP-50 VIP XSS Researchers: 9
Approved XSS vulnerabilities: 1143
Approved XSS vulnerabilities on VIP websites: 463
05/08/2015

shop.mango.com
XSS by K3N4NGM5 Twitter: @K3N4NGM5
Position in TOP-50 XSS Researchers: 13
Position in TOP-50 VIP XSS Researchers: 9
Approved XSS vulnerabilities: 1143
Approved XSS vulnerabilities on VIP websites: 463
05/08/2015

shop.mango.com
XSS by K3N4NGM5 Twitter: @K3N4NGM5
Position in TOP-50 XSS Researchers: 13
Position in TOP-50 VIP XSS Researchers: 9
Approved XSS vulnerabilities: 1143
Approved XSS vulnerabilities on VIP websites: 463
05/08/2015

shop.mango.com
XSS by K3N4NGM5 Twitter: @K3N4NGM5
Position in TOP-50 XSS Researchers: 13
Position in TOP-50 VIP XSS Researchers: 9
Approved XSS vulnerabilities: 1143
Approved XSS vulnerabilities on VIP websites: 463
05/08/2015

Top Google PR Websites

whitehouse.gov vulnerability
Full Disclosure by sergeym Approved XSS vulnerabilities: 2
Approved XSS vulnerabilities on VIP websites: 1

edx.org vulnerability
Full Disclosure by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1197
Approved XSS vulnerabilities on VIP websites: 401

theeuropeanlibrary.org vulnerability
Full Disclosure by Brute Twitter: @brutelogic
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 1474
Approved XSS vulnerabilities on VIP websites: 485

addthis.com vulnerability
Full Disclosure by yarbabin Twitter: @yarbabin
Position in TOP-50 XSS Researchers: 34
Position in TOP-50 VIP XSS Researchers: 11
Approved XSS vulnerabilities: 150
Approved XSS vulnerabilities on VIP websites: 127

publications.usa.gov vulnerability
Full Disclosure by SecBit Twitter: @SecBitNet
Approved XSS vulnerabilities: 13
Approved XSS vulnerabilities on VIP websites: 5

topuniversities.com vulnerability
Full Disclosure by Anonymous

sciencedirect.com vulnerability
Full Disclosure by en4rab

mohesr.gov.iq vulnerability
Full Disclosure by R3NW4 Twitter: @R3NW4
Position in TOP-50 XSS Researchers: 14
Position in TOP-50 VIP XSS Researchers: 22
Approved XSS vulnerabilities: 608
Approved XSS vulnerabilities on VIP websites: 44

nsf.gov vulnerability
Full Disclosure by billyzane Twitter: @_billy_zane
Position in TOP-50 XSS Researchers: 12
Position in TOP-50 VIP XSS Researchers: 24
Approved XSS vulnerabilities: 716
Approved XSS vulnerabilities on VIP websites: 58

business.usa.gov vulnerability
Full Disclosure by MLT Twitter: @ret2libc
Position in TOP-50 XSS Researchers: 4
Position in TOP-50 VIP XSS Researchers: 14
Approved XSS vulnerabilities: 1080
Approved XSS vulnerabilities on VIP websites: 97

jstor.org vulnerability
Full Disclosure by crashdemons Twitter: @crashdemons
Position in TOP-50 XSS Researchers: 29
Position in TOP-50 VIP XSS Researchers: 30
Approved XSS vulnerabilities: 197
Approved XSS vulnerabilities on VIP websites: 43

healthycanadians.gc.ca vulnerability
Full Disclosure by Stuxnet Twitter: @_Stuxnet
Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 10
Approved XSS vulnerabilities: 1425
Approved XSS vulnerabilities on VIP websites: 108

un.org vulnerability
Full Disclosure by Stuxnet Twitter: @_Stuxnet
Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 10
Approved XSS vulnerabilities: 1425
Approved XSS vulnerabilities on VIP websites: 108

nws.noaa.gov vulnerability
Full Disclosure by sToRm Position in TOP-50 XSS Researchers: 38
Approved XSS vulnerabilities: 112
Approved XSS vulnerabilities on VIP websites: 6

emeraldinsight.com vulnerability
Full Disclosure by crashdemons Twitter: @crashdemons
Position in TOP-50 XSS Researchers: 29
Position in TOP-50 VIP XSS Researchers: 30
Approved XSS vulnerabilities: 197
Approved XSS vulnerabilities on VIP websites: 43

educationuk.org vulnerability
Full Disclosure by dim0k Twitter: @d1m0ck
Position in TOP-50 XSS Researchers: 7
Position in TOP-50 VIP XSS Researchers: 4
Approved XSS vulnerabilities: 1079
Approved XSS vulnerabilities on VIP websites: 568

culture.gouv.fr vulnerability
Full Disclosure by conslight Twitter: @conslight
Approved XSS vulnerabilities: 1
Approved XSS vulnerabilities on VIP websites: 1

nature.com vulnerability
Full Disclosure by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1197
Approved XSS vulnerabilities on VIP websites: 401

groups.csail.mit.edu vulnerability
Full Disclosure by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1197
Approved XSS vulnerabilities on VIP websites: 401

worldcat.org vulnerability
Full Disclosure by e3xpl0it Twitter: @e3xpl0it
Position in TOP-50 XSS Researchers: 17
Position in TOP-50 VIP XSS Researchers: 8
Approved XSS vulnerabilities: 495
Approved XSS vulnerabilities on VIP websites: 247

cervantesvirtual.com vulnerability
Full Disclosure by Stuxnet Twitter: @_Stuxnet
Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 10
Approved XSS vulnerabilities: 1425
Approved XSS vulnerabilities on VIP websites: 108

TOP VIP XSS Researchers

en4rab
Reported 155 vulnerable VIP websites

ZxX
Reported 17 vulnerable VIP websites

en4rab
Reported 155 vulnerable VIP websites

ZxX
Reported 17 vulnerable VIP websites

en4rab
Reported 155 vulnerable VIP websites

watt
Reported 138 vulnerable VIP websites

SecBit
Reported 92 vulnerable VIP websites

E1337
Reported 61 vulnerable VIP websites

initbar
Reported 56 vulnerable VIP websites

NewLife705
Reported 46 vulnerable VIP websites

Unpatched VIP Websites

search.vivastreet.co.in
125 unpatched vulnerabilities

jcrew.com
101 unpatched vulnerabilities

madewell.com
93 unpatched vulnerabilities

expatads.com
96 unpatched vulnerabilities

20min.ch
80 unpatched vulnerabilities

americatv.com.pe
80 unpatched vulnerabilities

gob.mx
73 unpatched vulnerabilities

lg.com
149 unpatched vulnerabilities

elcomercio.pe
36 unpatched vulnerabilities

scribd.com
35 unpatched vulnerabilities

gucci.com
31 unpatched vulnerabilities

dr.dk
29 unpatched vulnerabilities

fnp.com
29 unpatched vulnerabilities

nba.com
47 unpatched vulnerabilities

freakshare.com
25 unpatched vulnerabilities

opensecrets.org
23 unpatched vulnerabilities

ask.com
22 unpatched vulnerabilities

stanford.edu
17 unpatched vulnerabilities

wwe.com
15 unpatched vulnerabilities

all.biz
14 unpatched vulnerabilities

Making Web Safer

These websites fixed security vulnerabilities thanks to our researchers who reported vulnerabilities via Full Disclosure.

Read how to participate in Open Bug Bounty program for your own and common benefit.

On the 04/08/2015 administration of canterbury.ac.nz fixed XSS vulnerability reported by security researcher xssnazi. Website canterbury.ac.nz was vulnerable for 11 days since notification, now the vulnerability is patched.

On the 04/08/2015 administration of volunteermatch.org fixed XSS vulnerability reported by security researcher dim0k. Website volunteermatch.org was vulnerable for 13 days since notification, now the vulnerability is patched.

On the 04/08/2015 administration of volunteermatch.org fixed XSS vulnerability reported by security researcher dim0k. Website volunteermatch.org was vulnerable for 13 days since notification, now the vulnerability is patched.

On the 04/08/2015 administration of ledservis.su fixed XSS vulnerability reported by security researcher wwwebaudit. Website ledservis.su was vulnerable for 22 days since notification, now the vulnerability is patched.

On the 04/08/2015 administration of gira-rozetki.su fixed XSS vulnerability reported by security researcher wwwebaudit. Website gira-rozetki.su was vulnerable for 22 days since notification, now the vulnerability is patched.

On the 04/08/2015 administration of i-see-you.su fixed XSS vulnerability reported by security researcher wwwebaudit. Website i-see-you.su was vulnerable for 22 days since notification, now the vulnerability is patched.

On the 04/08/2015 administration of infra-shop.su fixed XSS vulnerability reported by security researcher wwwebaudit. Website infra-shop.su was vulnerable for 22 days since notification, now the vulnerability is patched.

On the 04/08/2015 administration of ifolder.su fixed XSS vulnerability reported by security researcher wwwebaudit. Website ifolder.su was vulnerable for 22 days since notification, now the vulnerability is patched.

On the 04/08/2015 administration of khouse.su fixed XSS vulnerability reported by security researcher wwwebaudit. Website khouse.su was vulnerable for 22 days since notification, now the vulnerability is patched.

On the 04/08/2015 administration of koala-shop.su fixed XSS vulnerability reported by security researcher wwwebaudit. Website koala-shop.su was vulnerable for 22 days since notification, now the vulnerability is patched.