Report Email Alerts 15147 reported vulnerabilities, 2577 fixed vulnerabilities
12728 vulnerable websites, 2519 vulnerable VIP websites
359 security researchers, 867 notification subscribers
Launched on 18/06/14, latest submission on 26/05/15

Top Alexa Rank Websites

baidu.com by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

amazon.com by MLT Twitter: @0x00000049
Position in TOP-50 XSS Researchers: 4
Position in TOP-50 VIP XSS Researchers: 11
Approved XSS vulnerabilities: 737
Approved XSS vulnerabilities on VIP websites: 71

taobao.com by wangjing

linkedin.com by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

tmall.com by Buglloc

amazon.co.jp by MLT Twitter: @0x00000049
Position in TOP-50 XSS Researchers: 4
Position in TOP-50 VIP XSS Researchers: 11
Approved XSS vulnerabilities: 737
Approved XSS vulnerabilities on VIP websites: 71

ask.com by SymbianSyMoh

microsoft.com by E1337

imdb.com by tbm

craigslist.org by xsscrapy

amazon.de by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1003
Approved XSS vulnerabilities on VIP websites: 305

xhamster.com by Nasrul07

bbc.co.uk by SecBit

amazon.co.uk by MLT Twitter: @0x00000049
Position in TOP-50 XSS Researchers: 4
Position in TOP-50 VIP XSS Researchers: 11
Approved XSS vulnerabilities: 737
Approved XSS vulnerabilities on VIP websites: 71

espn.go.com by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

pornhub.com by Buglloc

amazon.cn by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1003
Approved XSS vulnerabilities on VIP websites: 305

ebay.de by Tactic4l

si.com by v0raz Twitter: @v0raz
Position in TOP-50 XSS Researchers: 8
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 509
Approved XSS vulnerabilities on VIP websites: 260

adobe.com by bankir

dailymail.co.uk by xsscrapy

huffingtonpost.com by yarbabin Twitter: @yarbabin
Position in TOP-50 XSS Researchers: 24
Position in TOP-50 VIP XSS Researchers: 7
Approved XSS vulnerabilities: 138
Approved XSS vulnerabilities on VIP websites: 117

indiatimes.com by wangjing

booking.com by xsscrapy

nytimes.com by nopernik

wikia.com by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

outbrain.com by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

chase.com by v0raz Twitter: @v0raz
Position in TOP-50 XSS Researchers: 8
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 509
Approved XSS vulnerabilities on VIP websites: 260

youporn.com by Nasrul07

about.com by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

TOP XSS Researchers

V1RUS4
Reported 914 vulnerable websites

watt
Reported 684 vulnerable websites

en4rab
Reported 580 vulnerable websites

Rahuldk
Reported 333 vulnerable websites

Dshellnoi_Unix
Reported 264 vulnerable websites

SecBit
Reported 256 vulnerable websites

Nasrul07
Reported 223 vulnerable websites

nopernik
Reported 174 vulnerable websites

xssme
Reported 161 vulnerable websites

Stuxnet
Reported 138 vulnerable websites

Latest Submissions

trust.org
XSS by v0raz Twitter: @v0raz
Position in TOP-50 XSS Researchers: 8
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 509
Approved XSS vulnerabilities on VIP websites: 260
26/05/2015

melparamb.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 23
Approved XSS vulnerabilities: 391
Approved XSS vulnerabilities on VIP websites: 29
26/05/2015

m.barnesandnoble.com
XSS by v0raz Twitter: @v0raz
Position in TOP-50 XSS Researchers: 8
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 509
Approved XSS vulnerabilities on VIP websites: 260
26/05/2015

waytohow.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 23
Approved XSS vulnerabilities: 391
Approved XSS vulnerabilities on VIP websites: 29
26/05/2015

skpthanevivah.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 23
Approved XSS vulnerabilities: 391
Approved XSS vulnerabilities on VIP websites: 29
26/05/2015

sleepycomics.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 23
Approved XSS vulnerabilities: 391
Approved XSS vulnerabilities on VIP websites: 29
26/05/2015

haxe.org
XSS by v0raz Twitter: @v0raz
Position in TOP-50 XSS Researchers: 8
Position in TOP-50 VIP XSS Researchers: 3
Approved XSS vulnerabilities: 509
Approved XSS vulnerabilities on VIP websites: 260
26/05/2015

rifuginrete.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 23
Approved XSS vulnerabilities: 391
Approved XSS vulnerabilities on VIP websites: 29
26/05/2015

regent.bg
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 23
Approved XSS vulnerabilities: 391
Approved XSS vulnerabilities on VIP websites: 29
26/05/2015

harisnyaexpressz.hu
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 23
Approved XSS vulnerabilities: 391
Approved XSS vulnerabilities on VIP websites: 29
26/05/2015

srisap.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 23
Approved XSS vulnerabilities: 391
Approved XSS vulnerabilities on VIP websites: 29
26/05/2015

socceremporium.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 23
Approved XSS vulnerabilities: 391
Approved XSS vulnerabilities on VIP websites: 29
26/05/2015

studioponteromano.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 23
Approved XSS vulnerabilities: 391
Approved XSS vulnerabilities on VIP websites: 29
26/05/2015

sunwaytech.co.jp
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 23
Approved XSS vulnerabilities: 391
Approved XSS vulnerabilities on VIP websites: 29
26/05/2015

lodminer.net
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 23
Approved XSS vulnerabilities: 391
Approved XSS vulnerabilities on VIP websites: 29
26/05/2015

laperfumeriaonline.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 23
Approved XSS vulnerabilities: 391
Approved XSS vulnerabilities on VIP websites: 29
26/05/2015

bottin.be
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 23
Approved XSS vulnerabilities: 391
Approved XSS vulnerabilities on VIP websites: 29
26/05/2015

whitesellco.com
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 23
Approved XSS vulnerabilities: 391
Approved XSS vulnerabilities on VIP websites: 29
26/05/2015

acetrophies.co.uk
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 23
Approved XSS vulnerabilities: 391
Approved XSS vulnerabilities on VIP websites: 29
26/05/2015

luxurylife.com.tw
XSS by Rahuldk Twitter: @rahulkankrale
Position in TOP-50 XSS Researchers: 9
Position in TOP-50 VIP XSS Researchers: 23
Approved XSS vulnerabilities: 391
Approved XSS vulnerabilities on VIP websites: 29
26/05/2015

Top Google PR Websites

edx.org by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1003
Approved XSS vulnerabilities on VIP websites: 305

theeuropeanlibrary.org by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

addthis.com by yarbabin Twitter: @yarbabin
Position in TOP-50 XSS Researchers: 24
Position in TOP-50 VIP XSS Researchers: 7
Approved XSS vulnerabilities: 138
Approved XSS vulnerabilities on VIP websites: 117

cervantesvirtual.com by Stuxnet Twitter: @_Stuxnet
Position in TOP-50 XSS Researchers: 6
Position in TOP-50 VIP XSS Researchers: 19
Approved XSS vulnerabilities: 603
Approved XSS vulnerabilities on VIP websites: 34

linkedin.com by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

topuniversities.com by Abnoxious Position in TOP-50 XSS Researchers: 10
Position in TOP-50 VIP XSS Researchers: 9
Approved XSS vulnerabilities: 380
Approved XSS vulnerabilities on VIP websites: 111

easycounter.com by e3xpl0it Position in TOP-50 XSS Researchers: 14
Position in TOP-50 VIP XSS Researchers: 10
Approved XSS vulnerabilities: 301
Approved XSS vulnerabilities on VIP websites: 126

baidu.com.cn by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

baidu.cn by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

baidu.com by BruteLogic Position in TOP-50 XSS Researchers: 1
Position in TOP-50 VIP XSS Researchers: 1
Approved XSS vulnerabilities: 1464
Approved XSS vulnerabilities on VIP websites: 480

bbc.co.uk by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1003
Approved XSS vulnerabilities on VIP websites: 305

un.org by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1003
Approved XSS vulnerabilities on VIP websites: 305

europa.eu by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1003
Approved XSS vulnerabilities on VIP websites: 305

web.mit.edu by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1003
Approved XSS vulnerabilities on VIP websites: 305

goturkey.com by initbar

groups.csail.mit.edu by MLT Twitter: @0x00000049
Position in TOP-50 XSS Researchers: 4
Position in TOP-50 VIP XSS Researchers: 11
Approved XSS vulnerabilities: 737
Approved XSS vulnerabilities on VIP websites: 71

ec.europa.eu by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1003
Approved XSS vulnerabilities on VIP websites: 305

governoeletronico.gov.br by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1003
Approved XSS vulnerabilities on VIP websites: 305

stanford.edu by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1003
Approved XSS vulnerabilities on VIP websites: 305

legifrance.gouv.fr by PsychoMantis Twitter: @Psycho_Mantis__
Position in TOP-50 XSS Researchers: 2
Position in TOP-50 VIP XSS Researchers: 2
Approved XSS vulnerabilities: 1003
Approved XSS vulnerabilities on VIP websites: 305

cnrs.fr by Anonymous

loc.gov by PyschoMantis

mailchimp.com by nopernik

nytimes.com by nopernik

nature.com by billyzane Position in TOP-50 XSS Researchers: 34
Position in TOP-50 VIP XSS Researchers: 32
Approved XSS vulnerabilities: 68
Approved XSS vulnerabilities on VIP websites: 11

adobe.com by bankir

worldcat.org by yarbabin Twitter: @yarbabin
Position in TOP-50 XSS Researchers: 24
Position in TOP-50 VIP XSS Researchers: 7
Approved XSS vulnerabilities: 138
Approved XSS vulnerabilities on VIP websites: 117

sciencedirect.com by yarbabin Twitter: @yarbabin
Position in TOP-50 XSS Researchers: 24
Position in TOP-50 VIP XSS Researchers: 7
Approved XSS vulnerabilities: 138
Approved XSS vulnerabilities on VIP websites: 117

gallica.bnf.fr by yarbabin Twitter: @yarbabin
Position in TOP-50 XSS Researchers: 24
Position in TOP-50 VIP XSS Researchers: 7
Approved XSS vulnerabilities: 138
Approved XSS vulnerabilities on VIP websites: 117

bnf.fr by yarbabin Twitter: @yarbabin
Position in TOP-50 XSS Researchers: 24
Position in TOP-50 VIP XSS Researchers: 7
Approved XSS vulnerabilities: 138
Approved XSS vulnerabilities on VIP websites: 117

Top VIP XSS Researchers

watt
Reported 137 vulnerable VIP websites

en4rab
Reported 108 vulnerable VIP websites

Nasrul07
Reported 104 vulnerable VIP websites

SecBit
Reported 92 vulnerable VIP websites

nopernik
Reported 65 vulnerable VIP websites

E1337
Reported 61 vulnerable VIP websites

initbar
Reported 53 vulnerable VIP websites

NewLife705
Reported 46 vulnerable VIP websites

Toggaf
Reported 38 vulnerable VIP websites

xssme
Reported 37 vulnerable VIP websites

Dshellnoi_Unix
Reported 33 vulnerable VIP websites

Unpatched VIP Websites

search.vivastreet.co.in
125 unpatched vulnerabilities

lg.com
97 unpatched vulnerabilities

expatads.com
96 unpatched vulnerabilities

gob.mx
54 unpatched vulnerabilities

freakshare.com
25 unpatched vulnerabilities

opensecrets.org
20 unpatched vulnerabilities

zoomby.ru
13 unpatched vulnerabilities

edu.cn
15 unpatched vulnerabilities

novell.com
16 unpatched vulnerabilities

mlb.com
13 unpatched vulnerabilities

about.com
14 unpatched vulnerabilities

stanford.edu
13 unpatched vulnerabilities

okezone.com
12 unpatched vulnerabilities

shop.com
12 unpatched vulnerabilities

ask.com
13 unpatched vulnerabilities

reference.com
16 unpatched vulnerabilities

espn.go.com
16 unpatched vulnerabilities

gov.ph
9 unpatched vulnerabilities

buxp.org
9 unpatched vulnerabilities

ge.ch
10 unpatched vulnerabilities

Making Web Safer

The main reason why security researchers post XSS vulnerabilities on our archive is negligence and arrogance of website administrators who don't even bother to reply when researchers send information about XSS to them directly. Even companies with "Bug bounties" programs are present in our archive.

Nevertheless, the aim of the project is to make Web safer, therefore for every XSS vulnerability that we manually approve after submission, website administrator receives an email notification about the vulnerability. The notification is automatic and is sent to generic security emails, and/or to the emails from WHOIS. In order to prevent spam - the email is sent only for the first vulnerability affecting the domain. We also try to notify via twitter.

If you want to receive customized email alerts for your domain(s) before their approval - you can subscribe here.


On the 25/05/2015 administration of cheapshark.com fixed XSS vulnerability reported by security researcher v0raz. Website cheapshark.com was vulnerable for 1 day since notification, now the vulnerability is patched.

On the 25/05/2015 administration of discogs.com fixed XSS vulnerability reported by security researcher e3xpl0it. Website discogs.com was vulnerable for 1 day since notification, now the vulnerability is patched.

On the 25/05/2015 administration of discogs.com fixed XSS vulnerability reported by security researcher e3xpl0it. Website discogs.com was vulnerable for 1 day since notification, now the vulnerability is patched.

On the 25/05/2015 administration of discogs.com fixed XSS vulnerability reported by security researcher e3xpl0it. Website discogs.com was vulnerable for 1 day since notification, now the vulnerability is patched.

On the 25/05/2015 administration of discogs.com fixed XSS vulnerability reported by security researcher BruteLogic. Website discogs.com was vulnerable for 1 day since notification, now the vulnerability is patched.

On the 25/05/2015 administration of comicbook.com fixed XSS vulnerability reported by security researcher eatsa_pizza. Website comicbook.com was vulnerable for 1 day since notification, now the vulnerability is patched.

On the 25/05/2015 administration of millerthomson.com fixed XSS vulnerability reported by security researcher Stuxnet. Website millerthomson.com was vulnerable for 5 days since notification, now the vulnerability is patched.

On the 25/05/2015 administration of snapschatonline.com fixed XSS vulnerability reported by security researcher rmsg0d. Website snapschatonline.com was vulnerable for 1 day since notification, now the vulnerability is patched.

On the 25/05/2015 administration of mercadoactual.es fixed XSS vulnerability reported by security researcher Stuxnet. Website mercadoactual.es was vulnerable for 1 day since notification, now the vulnerability is patched.

On the 25/05/2015 administration of musicvid.photo fixed XSS vulnerability reported by security researcher Rahuldk. Website musicvid.photo was vulnerable for 29 days since notification, now the vulnerability is patched.