The 1st open source content management system in Vietnam

website twitter

Points only
12 0

Program rules

Scope

Qualifying vulnerabilities

Any design or implementation issue that substantially affects the confidentiality or integrity of user data is likely to be in scope for the program. Common examples include:

  • Cross Site Scripting (XSS)
  • Cross-Site Request Forgery (CSRF)
  • SQL Injection (SQLi)
  • Authentication related issues
  • Authorization related issues
  • Data Exposure
  • Remote Code Execution
  • Business Logic
  • Mobile-specific API vulnerabilities

Non-qualifying vulnerabilities

Depending on their impact, some of the reported issues may not qualify. Although we review them on a case-by-case basis, for example:

  • URL redirection
  • Bugs requiring exceedingly unlikely user interaction
  • Logout cross-site request forgery
  • Flaws affecting the users of out-of-date browsers and plugins.
  • Presence of banner or version information
  • Email spoofing
  • DDoS

Reward

As an open source software project, NukeViet does not award cash for findings, but we will honor researchers for contributions to the development of the project. Other rewards will be reviewed on a case-by-case basis.

Reward range

Severity Reward range
CRITICAL 4 Points
HIGH 3 Points
MEDIUM 2 Points
LOW 1 Point

Targets

In scope

Name Type
https://github.com/nukeviet/ Source Code

Statistics

12 reports accepted
0 report rewarded

Latest hall of famers

  • mat4mee
  • Private Researcher
  • abstrabakus
  • Private Researcher
  • unfairattaccs
  • Private Researcher

Recently joined this program

  • mat4mee
  • Private Researcher
  • steiner254
  • abstrabakus
  • Private Researcher
  • unfairattaccs
  • hackerminh
  • Private Researcher
  • Private Researcher