Report Email Alerts Full Disclosure: 19650 vulnerabilities, 3540 fixed
Open Bug Bounty: 180 coordinated disclosures
16528 vulnerable websites, 3113 VIP websites
447 security researchers, 1035 notification subscribers

Top Alexa Rank Websites

baidu.com by BruteLogic Twitter: @brutelogic
Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1475
Approved XSS vulnerabilities on VIP websites: 486

amazon.com by BruteLogic Twitter: @brutelogic
Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1475
Approved XSS vulnerabilities on VIP websites: 486

taobao.com by wangjing

linkedin.com by BruteLogic Twitter: @brutelogic
Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1475
Approved XSS vulnerabilities on VIP websites: 486

tmall.com by Buglloc

amazon.co.jp by MLT Twitter: @0x00000049
Position in TOP-50 XSS Researchers: 5
Position in TOP-50 VIP XSS Researchers: 13
Approved XSS vulnerabilities: 804
Approved XSS vulnerabilities on VIP websites: 83

ask.com by SymbianSyMoh

microsoft.com by E1337

imgur.com by MLT Twitter: @0x00000049
Position in TOP-50 XSS Researchers: 5
Position in TOP-50 VIP XSS Researchers: 13
Approved XSS vulnerabilities: 804
Approved XSS vulnerabilities on VIP websites: 83

imdb.com by tbm Position in TOP-50 XSS Researchers: 23
Position in TOP-50 VIP XSS Researchers: 18
Approved XSS vulnerabilities: 181
Approved XSS vulnerabilities on VIP websites: 53

craigslist.org by xsscrapy

amazon.de by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 1086
Approved XSS vulnerabilities on VIP websites: 340

xhamster.com by Nasrul07 Twitter: @nasrulseven
Position in TOP-50 XSS Researchers: 19
Position in TOP-50 VIP XSS Researchers: 7
Approved XSS vulnerabilities: 328
Approved XSS vulnerabilities on VIP websites: 186

bbc.co.uk by SecBit

amazon.co.uk by MLT Twitter: @0x00000049
Position in TOP-50 XSS Researchers: 5
Position in TOP-50 VIP XSS Researchers: 13
Approved XSS vulnerabilities: 804
Approved XSS vulnerabilities on VIP websites: 83

espn.go.com by BruteLogic Twitter: @brutelogic
Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1475
Approved XSS vulnerabilities on VIP websites: 486

pornhub.com by Buglloc

amazon.cn by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 1086
Approved XSS vulnerabilities on VIP websites: 340

ebay.de by Tactic4l

si.com by v0raz Twitter: @v0raz
Position in TOP-50 XSS Researchers: 6
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 710
Approved XSS vulnerabilities on VIP websites: 411

adobe.com by bankir

dailymail.co.uk by xsscrapy

huffingtonpost.com by yarbabin Twitter: @yarbabin
Position in TOP-50 XSS Researchers: 28
Position in TOP-50 VIP XSS Researchers: 8
Approved XSS vulnerabilities: 147
Approved XSS vulnerabilities on VIP websites: 125

indiatimes.com by wangjing

booking.com by xsscrapy

nytimes.com by nopernik

wikia.com by BruteLogic Twitter: @brutelogic
Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1475
Approved XSS vulnerabilities on VIP websites: 486

outbrain.com by BruteLogic Twitter: @brutelogic
Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1475
Approved XSS vulnerabilities on VIP websites: 486

chase.com by v0raz Twitter: @v0raz
Position in TOP-50 XSS Researchers: 6
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 710
Approved XSS vulnerabilities on VIP websites: 411

youporn.com by Nasrul07 Twitter: @nasrulseven
Position in TOP-50 XSS Researchers: 19
Position in TOP-50 VIP XSS Researchers: 7
Approved XSS vulnerabilities: 328
Approved XSS vulnerabilities on VIP websites: 186

TOP XSS Researchers

NRockhouse
Reported 27 vulnerable websites

NRockhouse
Reported 12 vulnerable websites

V1RUS4
Reported 9 vulnerable websites

Tactic4l
Reported 5 vulnerable websites

V1RUS4
Reported 923 vulnerable websites

watt
Reported 688 vulnerable websites

en4rab
Reported 582 vulnerable websites

Rahuldk
Reported 334 vulnerable websites

Dshellnoi_Unix
Reported 264 vulnerable websites

SecBit
Reported 256 vulnerable websites

Latest Submissions

pflanzenversand-gaissmayer.de
XSS by R3NW4 Twitter: @R3NW4
Position in TOP-50 XSS Researchers: 42
Approved XSS vulnerabilities: 66
Approved XSS vulnerabilities on VIP websites: 3
07/07/2015

cosmeticdentistryguide.co.uk
XSS by R3NW4 Twitter: @R3NW4
Position in TOP-50 XSS Researchers: 42
Approved XSS vulnerabilities: 66
Approved XSS vulnerabilities on VIP websites: 3
07/07/2015

fadwebsite.com
XSS by R3NW4 Twitter: @R3NW4
Position in TOP-50 XSS Researchers: 42
Approved XSS vulnerabilities: 66
Approved XSS vulnerabilities on VIP websites: 3
07/07/2015

onvideo.gr
XSS by R3NW4 Twitter: @R3NW4
Position in TOP-50 XSS Researchers: 42
Approved XSS vulnerabilities: 66
Approved XSS vulnerabilities on VIP websites: 3
07/07/2015

animatrick.com
XSS by R3NW4 Twitter: @R3NW4
Position in TOP-50 XSS Researchers: 42
Approved XSS vulnerabilities: 66
Approved XSS vulnerabilities on VIP websites: 3
07/07/2015

viktorfrank.cz
XSS by R3NW4 Twitter: @R3NW4
Position in TOP-50 XSS Researchers: 42
Approved XSS vulnerabilities: 66
Approved XSS vulnerabilities on VIP websites: 3
07/07/2015

sexe-tape.tv
XSS by R3NW4 Twitter: @R3NW4
Position in TOP-50 XSS Researchers: 42
Approved XSS vulnerabilities: 66
Approved XSS vulnerabilities on VIP websites: 3
07/07/2015

keiohotel.co.jp
XSS by R3NW4 Twitter: @R3NW4
Position in TOP-50 XSS Researchers: 42
Approved XSS vulnerabilities: 66
Approved XSS vulnerabilities on VIP websites: 3
07/07/2015

wibra.nl
XSS by rmsg0d Twitter: @rmsg0d
Position in TOP-50 XSS Researchers: 48
Position in TOP-50 VIP XSS Researchers: 38
Approved XSS vulnerabilities: 39
Approved XSS vulnerabilities on VIP websites: 13
07/07/2015

admin.new.optidata.pl
XSS by MichalKoczwara Twitter: @MichalKoczwara
Position in TOP-50 XSS Researchers: 44
Approved XSS vulnerabilities: 78
Approved XSS vulnerabilities on VIP websites: 23
07/07/2015

seal.com.pl
XSS by MichalKoczwara Twitter: @MichalKoczwara
Position in TOP-50 XSS Researchers: 44
Approved XSS vulnerabilities: 78
Approved XSS vulnerabilities on VIP websites: 23
07/07/2015

demoshop.eshop2pro.com
XSS by sToRm Approved XSS vulnerabilities: 5 07/07/2015

demoshop.3d-commerce.com
XSS by sToRm Approved XSS vulnerabilities: 5 07/07/2015

blackpoolchristiancentre.co.uk
XSS by mradamdavies Twitter: @mradamdavies
Position in TOP-50 XSS Researchers: 16
Position in TOP-50 VIP XSS Researchers: 16
Approved XSS vulnerabilities: 276
Approved XSS vulnerabilities on VIP websites: 59
07/07/2015

kmclassifieds.co.uk
XSS by mradamdavies Twitter: @mradamdavies
Position in TOP-50 XSS Researchers: 16
Position in TOP-50 VIP XSS Researchers: 16
Approved XSS vulnerabilities: 276
Approved XSS vulnerabilities on VIP websites: 59
07/07/2015

ecmselection.co.uk
XSS by mradamdavies Twitter: @mradamdavies
Position in TOP-50 XSS Researchers: 16
Position in TOP-50 VIP XSS Researchers: 16
Approved XSS vulnerabilities: 276
Approved XSS vulnerabilities on VIP websites: 59
07/07/2015

nicolabell.co.uk
XSS by mradamdavies Twitter: @mradamdavies
Position in TOP-50 XSS Researchers: 16
Position in TOP-50 VIP XSS Researchers: 16
Approved XSS vulnerabilities: 276
Approved XSS vulnerabilities on VIP websites: 59
07/07/2015

thecorner.co.uk
XSS by mradamdavies Twitter: @mradamdavies
Position in TOP-50 XSS Researchers: 16
Position in TOP-50 VIP XSS Researchers: 16
Approved XSS vulnerabilities: 276
Approved XSS vulnerabilities on VIP websites: 59
07/07/2015

messeboerse.arbeitsagentur.de
XSS by sToRm Approved XSS vulnerabilities: 5 07/07/2015

listentoyoutube.com
XSS by R3NW4 Twitter: @R3NW4
Position in TOP-50 XSS Researchers: 42
Approved XSS vulnerabilities: 66
Approved XSS vulnerabilities on VIP websites: 3
07/07/2015

Top Google PR Websites

edx.org by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 1086
Approved XSS vulnerabilities on VIP websites: 340

theeuropeanlibrary.org by BruteLogic Twitter: @brutelogic
Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1475
Approved XSS vulnerabilities on VIP websites: 486

addthis.com by yarbabin Twitter: @yarbabin
Position in TOP-50 XSS Researchers: 28
Position in TOP-50 VIP XSS Researchers: 8
Approved XSS vulnerabilities: 147
Approved XSS vulnerabilities on VIP websites: 125

culture.gouv.fr by conslight Twitter: @conslight
Approved XSS vulnerabilities: 1
Approved XSS vulnerabilities on VIP websites: 1

nature.com by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 1086
Approved XSS vulnerabilities on VIP websites: 340

business.usa.gov by BruteLogic Twitter: @brutelogic
Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1475
Approved XSS vulnerabilities on VIP websites: 486

groups.csail.mit.edu by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 1086
Approved XSS vulnerabilities on VIP websites: 340

worldcat.org by e3xpl0it Twitter: @e3xpl0it
Position in TOP-50 XSS Researchers: 13
Position in TOP-50 VIP XSS Researchers: 5
Approved XSS vulnerabilities: 484
Approved XSS vulnerabilities on VIP websites: 243

cervantesvirtual.com by Stuxnet Twitter: @_Stuxnet
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 12
Approved XSS vulnerabilities: 1222
Approved XSS vulnerabilities on VIP websites: 88

flickr.com by e3xpl0it Twitter: @e3xpl0it
Position in TOP-50 XSS Researchers: 13
Position in TOP-50 VIP XSS Researchers: 5
Approved XSS vulnerabilities: 484
Approved XSS vulnerabilities on VIP websites: 243

linkedin.com by BruteLogic Twitter: @brutelogic
Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1475
Approved XSS vulnerabilities on VIP websites: 486

topuniversities.com by Abnoxious Position in TOP-50 XSS Researchers: 12
Position in TOP-50 VIP XSS Researchers: 11
Approved XSS vulnerabilities: 381
Approved XSS vulnerabilities on VIP websites: 112

easycounter.com by e3xpl0it Twitter: @e3xpl0it
Position in TOP-50 XSS Researchers: 13
Position in TOP-50 VIP XSS Researchers: 5
Approved XSS vulnerabilities: 484
Approved XSS vulnerabilities on VIP websites: 243

baidu.com.cn by BruteLogic Twitter: @brutelogic
Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1475
Approved XSS vulnerabilities on VIP websites: 486

baidu.cn by BruteLogic Twitter: @brutelogic
Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1475
Approved XSS vulnerabilities on VIP websites: 486

baidu.com by BruteLogic Twitter: @brutelogic
Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1475
Approved XSS vulnerabilities on VIP websites: 486

bbc.co.uk by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 1086
Approved XSS vulnerabilities on VIP websites: 340

un.org by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 1086
Approved XSS vulnerabilities on VIP websites: 340

europa.eu by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 1086
Approved XSS vulnerabilities on VIP websites: 340

web.mit.edu by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 1086
Approved XSS vulnerabilities on VIP websites: 340

goturkey.com by initbar

ec.europa.eu by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 1086
Approved XSS vulnerabilities on VIP websites: 340

governoeletronico.gov.br by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 1086
Approved XSS vulnerabilities on VIP websites: 340

stanford.edu by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 1086
Approved XSS vulnerabilities on VIP websites: 340

legifrance.gouv.fr by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 3
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 1086
Approved XSS vulnerabilities on VIP websites: 340

cnrs.fr by Anonymous

loc.gov by PyschoMantis

mailchimp.com by nopernik

nytimes.com by nopernik

adobe.com by bankir

TOP VIP XSS Researchers

ral249
Reported 16 vulnerable VIP websites

NRockhouse
Reported 2 vulnerable VIP websites

Tactic4l
Reported 18 vulnerable VIP websites

V1RUS4
Reported 23 vulnerable VIP websites

watt
Reported 138 vulnerable VIP websites

en4rab
Reported 110 vulnerable VIP websites

SecBit
Reported 92 vulnerable VIP websites

nopernik
Reported 65 vulnerable VIP websites

E1337
Reported 61 vulnerable VIP websites

initbar
Reported 54 vulnerable VIP websites

NewLife705
Reported 46 vulnerable VIP websites

Unpatched VIP Websites

search.vivastreet.co.in
125 unpatched vulnerabilities

expatads.com
96 unpatched vulnerabilities

gob.mx
66 unpatched vulnerabilities

fnp.com
29 unpatched vulnerabilities

freakshare.com
25 unpatched vulnerabilities

gucci.com
21 unpatched vulnerabilities

opensecrets.org
22 unpatched vulnerabilities

ask.com
20 unpatched vulnerabilities

tripadvisor.ru
15 unpatched vulnerabilities

stanford.edu
16 unpatched vulnerabilities

orpha.net
15 unpatched vulnerabilities

edu.cn
16 unpatched vulnerabilities

zoomby.ru
13 unpatched vulnerabilities

novell.com
16 unpatched vulnerabilities

espn.go.com
20 unpatched vulnerabilities

reference.com
18 unpatched vulnerabilities

mlb.com
14 unpatched vulnerabilities

about.com
14 unpatched vulnerabilities

okezone.com
12 unpatched vulnerabilities

noaa.gov
15 unpatched vulnerabilities

Making Web Safer

These websites fixed security vulnerabilities thanks to our researchers who reported vulnerabilities via Full Disclosure.

Read how to participate in Open Bug Bounty program for your own and common benefit.

On the 07/07/2015 administration of drom.ru fixed XSS vulnerability reported by security researcher dim0k. Website drom.ru was vulnerable for 2 days since notification, now the vulnerability is patched.

On the 07/07/2015 administration of megagroup.ru fixed XSS vulnerability reported by security researcher e3xpl0it. Website megagroup.ru was vulnerable for 41 days since notification, now the vulnerability is patched.

On the 07/07/2015 administration of medicalcenterarlington.com fixed XSS vulnerability reported by security researcher billyzane. Website medicalcenterarlington.com was vulnerable for 24 days since notification, now the vulnerability is patched.

On the 07/07/2015 administration of oakley.com fixed XSS vulnerability reported by security researcher v0raz. Website oakley.com was vulnerable for 40 days since notification, now the vulnerability is patched.

On the 07/07/2015 administration of dallatgroup.co.uk fixed XSS vulnerability reported by security researcher rakshasa. Website dallatgroup.co.uk was vulnerable for 25 days since notification, now the vulnerability is patched.

On the 07/07/2015 administration of clinicaplanas.com fixed XSS vulnerability reported by security researcher r3vengine. Website clinicaplanas.com was vulnerable for 32 days since notification, now the vulnerability is patched.

On the 07/07/2015 administration of austintexas.gov fixed XSS vulnerability reported by security researcher Stuxnet. Website austintexas.gov was vulnerable for 28 days since notification, now the vulnerability is patched.

On the 07/07/2015 administration of diabetesbienestarysalud.com fixed XSS vulnerability reported by security researcher v0raz. Website diabetesbienestarysalud.com was vulnerable for 33 days since notification, now the vulnerability is patched.

On the 06/07/2015 administration of us.gov.krd fixed XSS vulnerability reported by security researcher R3NW4. Website us.gov.krd was vulnerable for 15 days since notification, now the vulnerability is patched.

On the 06/07/2015 administration of ultimatestunts.nl fixed XSS vulnerability reported by security researcher zulu_666. Website ultimatestunts.nl was vulnerable for 5 days since notification, now the vulnerability is patched.