Report Email Alerts 15263 reported vulnerabilities, 2599 fixed vulnerabilities
12822 vulnerable websites, 2530 vulnerable VIP websites
359 security researchers, 874 notification subscribers
Launched on 18/06/14, latest submission on 27/05/15

Top Alexa Rank Websites

baidu.com by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

amazon.com by MLT Twitter: @0x00000049
Position in TOP-50 XSS Researchers: 4
Position in TOP-50 VIP XSS Researchers: 11
Approved XSS vulnerabilities: 737
Approved XSS vulnerabilities on VIP websites: 71

taobao.com by wangjing

linkedin.com by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

tmall.com by Buglloc

amazon.co.jp by MLT Twitter: @0x00000049
Position in TOP-50 XSS Researchers: 4
Position in TOP-50 VIP XSS Researchers: 11
Approved XSS vulnerabilities: 737
Approved XSS vulnerabilities on VIP websites: 71

ask.com by SymbianSyMoh

microsoft.com by E1337

imdb.com by tbm

craigslist.org by xsscrapy

amazon.de by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1005
Approved XSS vulnerabilities on VIP websites: 307

xhamster.com by Nasrul07

bbc.co.uk by SecBit

amazon.co.uk by MLT Twitter: @0x00000049
Position in TOP-50 XSS Researchers: 4
Position in TOP-50 VIP XSS Researchers: 11
Approved XSS vulnerabilities: 737
Approved XSS vulnerabilities on VIP websites: 71

espn.go.com by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

pornhub.com by Buglloc

amazon.cn by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1005
Approved XSS vulnerabilities on VIP websites: 307

ebay.de by Tactic4l

si.com by v0raz Twitter: @v0raz
Position in TOP-50 XSS Researchers: 8
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 512
Approved XSS vulnerabilities on VIP websites: 263

adobe.com by bankir

dailymail.co.uk by xsscrapy

huffingtonpost.com by yarbabin Twitter: @yarbabin
Position in TOP-50 XSS Researchers: 24
Position in TOP-50 VIP XSS Researchers: 7
Approved XSS vulnerabilities: 138
Approved XSS vulnerabilities on VIP websites: 117

indiatimes.com by wangjing

booking.com by xsscrapy

nytimes.com by nopernik

wikia.com by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

outbrain.com by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

chase.com by v0raz Twitter: @v0raz
Position in TOP-50 XSS Researchers: 8
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 512
Approved XSS vulnerabilities on VIP websites: 263

youporn.com by Nasrul07

about.com by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

TOP XSS Researchers

V1RUS4
Reported 914 vulnerable websites

watt
Reported 684 vulnerable websites

en4rab
Reported 580 vulnerable websites

Rahuldk
Reported 333 vulnerable websites

Dshellnoi_Unix
Reported 264 vulnerable websites

SecBit
Reported 256 vulnerable websites

Nasrul07
Reported 223 vulnerable websites

nopernik
Reported 174 vulnerable websites

xssme
Reported 161 vulnerable websites

Stuxnet
Reported 138 vulnerable websites

Latest Submissions

papystreaming.com
XSS by ZxX 27/05/2015

secure.realtorlink.ca
XSS by ZxX 27/05/2015

audizine.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 22
Approved XSS vulnerabilities: 408
Approved XSS vulnerabilities on VIP websites: 32
27/05/2015

audizine.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 22
Approved XSS vulnerabilities: 408
Approved XSS vulnerabilities on VIP websites: 32
27/05/2015

avid.com
XSS by v0raz Twitter: @v0raz
Position in TOP-50 XSS Researchers: 8
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 512
Approved XSS vulnerabilities on VIP websites: 263
27/05/2015

si.com
XSS by v0raz Twitter: @v0raz
Position in TOP-50 XSS Researchers: 8
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 512
Approved XSS vulnerabilities on VIP websites: 263
27/05/2015

eheuristic.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 22
Approved XSS vulnerabilities: 408
Approved XSS vulnerabilities on VIP websites: 32
27/05/2015

eventkeeda.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 22
Approved XSS vulnerabilities: 408
Approved XSS vulnerabilities on VIP websites: 32
27/05/2015

chdads.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 22
Approved XSS vulnerabilities: 408
Approved XSS vulnerabilities on VIP websites: 32
27/05/2015

onlinetenali.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 22
Approved XSS vulnerabilities: 408
Approved XSS vulnerabilities on VIP websites: 32
27/05/2015

discogs.com
XSS by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1005
Approved XSS vulnerabilities on VIP websites: 307
27/05/2015

onlineguns.co.uk
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 22
Approved XSS vulnerabilities: 408
Approved XSS vulnerabilities on VIP websites: 32
27/05/2015

chemspider.com
XSS by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1005
Approved XSS vulnerabilities on VIP websites: 307
27/05/2015

freeautolanka.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 22
Approved XSS vulnerabilities: 408
Approved XSS vulnerabilities on VIP websites: 32
27/05/2015

trailertrader.net
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 22
Approved XSS vulnerabilities: 408
Approved XSS vulnerabilities on VIP websites: 32
27/05/2015

ambianceaccordeon.fr
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 22
Approved XSS vulnerabilities: 408
Approved XSS vulnerabilities on VIP websites: 32
27/05/2015

rockblock.hu
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 22
Approved XSS vulnerabilities: 408
Approved XSS vulnerabilities on VIP websites: 32
27/05/2015

dinarq8.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 22
Approved XSS vulnerabilities: 408
Approved XSS vulnerabilities on VIP websites: 32
27/05/2015

hungrymonster.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 22
Approved XSS vulnerabilities: 408
Approved XSS vulnerabilities on VIP websites: 32
27/05/2015

audizine.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 22
Approved XSS vulnerabilities: 408
Approved XSS vulnerabilities on VIP websites: 32
27/05/2015

Top Google PR Websites

edx.org by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1005
Approved XSS vulnerabilities on VIP websites: 307

theeuropeanlibrary.org by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

addthis.com by yarbabin Twitter: @yarbabin
Position in TOP-50 XSS Researchers: 24
Position in TOP-50 VIP XSS Researchers: 7
Approved XSS vulnerabilities: 138
Approved XSS vulnerabilities on VIP websites: 117

cervantesvirtual.com by Stuxnet Twitter: @_Stuxnet
Position in TOP-50 XSS Researchers: 6
Position in TOP-50 VIP XSS Researchers: 16
Approved XSS vulnerabilities: 657
Approved XSS vulnerabilities on VIP websites: 39

linkedin.com by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

topuniversities.com by Abnoxious Position in TOP-50 XSS Researchers: 10
Position in TOP-50 VIP XSS Researchers: 9
Approved XSS vulnerabilities: 380
Approved XSS vulnerabilities on VIP websites: 111

easycounter.com by e3xpl0it Position in TOP-50 XSS Researchers: 14
Position in TOP-50 VIP XSS Researchers: 10
Approved XSS vulnerabilities: 305
Approved XSS vulnerabilities on VIP websites: 127

baidu.com.cn by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

baidu.cn by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

baidu.com by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

bbc.co.uk by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1005
Approved XSS vulnerabilities on VIP websites: 307

un.org by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1005
Approved XSS vulnerabilities on VIP websites: 307

europa.eu by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1005
Approved XSS vulnerabilities on VIP websites: 307

web.mit.edu by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1005
Approved XSS vulnerabilities on VIP websites: 307

goturkey.com by initbar

groups.csail.mit.edu by MLT Twitter: @0x00000049
Position in TOP-50 XSS Researchers: 4
Position in TOP-50 VIP XSS Researchers: 11
Approved XSS vulnerabilities: 737
Approved XSS vulnerabilities on VIP websites: 71

ec.europa.eu by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1005
Approved XSS vulnerabilities on VIP websites: 307

governoeletronico.gov.br by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1005
Approved XSS vulnerabilities on VIP websites: 307

stanford.edu by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1005
Approved XSS vulnerabilities on VIP websites: 307

legifrance.gouv.fr by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1005
Approved XSS vulnerabilities on VIP websites: 307

cnrs.fr by Anonymous

loc.gov by PyschoMantis

mailchimp.com by nopernik

nytimes.com by nopernik

nature.com by billyzane Position in TOP-50 XSS Researchers: 34
Position in TOP-50 VIP XSS Researchers: 32
Approved XSS vulnerabilities: 70
Approved XSS vulnerabilities on VIP websites: 11

adobe.com by bankir

worldcat.org by yarbabin Twitter: @yarbabin
Position in TOP-50 XSS Researchers: 24
Position in TOP-50 VIP XSS Researchers: 7
Approved XSS vulnerabilities: 138
Approved XSS vulnerabilities on VIP websites: 117

sciencedirect.com by yarbabin Twitter: @yarbabin
Position in TOP-50 XSS Researchers: 24
Position in TOP-50 VIP XSS Researchers: 7
Approved XSS vulnerabilities: 138
Approved XSS vulnerabilities on VIP websites: 117

gallica.bnf.fr by yarbabin Twitter: @yarbabin
Position in TOP-50 XSS Researchers: 24
Position in TOP-50 VIP XSS Researchers: 7
Approved XSS vulnerabilities: 138
Approved XSS vulnerabilities on VIP websites: 117

bnf.fr by yarbabin Twitter: @yarbabin
Position in TOP-50 XSS Researchers: 24
Position in TOP-50 VIP XSS Researchers: 7
Approved XSS vulnerabilities: 138
Approved XSS vulnerabilities on VIP websites: 117

Top VIP XSS Researchers

watt
Reported 137 vulnerable VIP websites

en4rab
Reported 108 vulnerable VIP websites

Nasrul07
Reported 104 vulnerable VIP websites

SecBit
Reported 92 vulnerable VIP websites

nopernik
Reported 65 vulnerable VIP websites

E1337
Reported 61 vulnerable VIP websites

initbar
Reported 53 vulnerable VIP websites

NewLife705
Reported 46 vulnerable VIP websites

Toggaf
Reported 38 vulnerable VIP websites

xssme
Reported 37 vulnerable VIP websites

Dshellnoi_Unix
Reported 33 vulnerable VIP websites

Unpatched VIP Websites

search.vivastreet.co.in
125 unpatched vulnerabilities

lg.com
97 unpatched vulnerabilities

expatads.com
96 unpatched vulnerabilities

gob.mx
54 unpatched vulnerabilities

freakshare.com
25 unpatched vulnerabilities

opensecrets.org
20 unpatched vulnerabilities

zoomby.ru
13 unpatched vulnerabilities

edu.cn
15 unpatched vulnerabilities

novell.com
16 unpatched vulnerabilities

mlb.com
13 unpatched vulnerabilities

about.com
14 unpatched vulnerabilities

stanford.edu
13 unpatched vulnerabilities

okezone.com
12 unpatched vulnerabilities

shop.com
12 unpatched vulnerabilities

ask.com
13 unpatched vulnerabilities

reference.com
16 unpatched vulnerabilities

espn.go.com
16 unpatched vulnerabilities

gov.ph
9 unpatched vulnerabilities

buxp.org
9 unpatched vulnerabilities

ge.ch
10 unpatched vulnerabilities

Making Web Safer

The main reason why security researchers post XSS vulnerabilities on our archive is negligence and arrogance of website administrators who don't even bother to reply when researchers send information about XSS to them directly. Even companies with "Bug bounties" programs are present in our archive.

Nevertheless, the aim of the project is to make Web safer, therefore for every XSS vulnerability that we manually approve after submission, website administrator receives an email notification about the vulnerability. The notification is automatic and is sent to generic security emails, and/or to the emails from WHOIS. In order to prevent spam - the email is sent only for the first vulnerability affecting the domain. We also try to notify via twitter.

If you want to receive customized email alerts for your domain(s) before their approval - you can subscribe here.


On the 26/05/2015 administration of list4all.com fixed XSS vulnerability reported by security researcher Stuxnet. Website list4all.com was vulnerable for 1 day since notification, now the vulnerability is patched.

On the 26/05/2015 administration of basspro.com fixed XSS vulnerability reported by security researcher v0raz. Website basspro.com was vulnerable for 22 days since notification, now the vulnerability is patched.

On the 26/05/2015 administration of scandpg.org fixed XSS vulnerability reported by security researcher Stuxnet. Website scandpg.org was vulnerable for 6 days since notification, now the vulnerability is patched.

On the 26/05/2015 administration of spokeo.com fixed XSS vulnerability reported by security researcher Nasrul07. Website spokeo.com was vulnerable for 19 days since notification, now the vulnerability is patched.

On the 26/05/2015 administration of jsis.washington.edu fixed XSS vulnerability reported by security researcher Rahuldk. Website jsis.washington.edu was vulnerable for 4 days since notification, now the vulnerability is patched.

On the 26/05/2015 administration of chemspider.com fixed XSS vulnerability reported by security researcher RootByte. Website chemspider.com was vulnerable for 1 day since notification, now the vulnerability is patched.

On the 26/05/2015 administration of cnio.es fixed XSS vulnerability reported by security researcher Stuxnet. Website cnio.es was vulnerable for 2 days since notification, now the vulnerability is patched.

On the 26/05/2015 administration of queendiary.info fixed XSS vulnerability reported by security researcher Rahuldk. Website queendiary.info was vulnerable for 1 day since notification, now the vulnerability is patched.

On the 26/05/2015 administration of cambridge.org fixed XSS vulnerability reported by security researcher PsychoMantis. Website cambridge.org was vulnerable for 36 days since notification, now the vulnerability is patched.

On the 26/05/2015 administration of jeffsimmonds.org fixed XSS vulnerability reported by security researcher Stuxnet. Website jeffsimmonds.org was vulnerable for 2 days since notification, now the vulnerability is patched.