No one is perfect, and at UpSecurIT we think that working with a highly skilled security researchers will help us identify vulnerabilities across applications.
If you believe you've found a vulnerability issue in UpSecurIT, notify us through https://www.upsecurit.com/en/upsecurit Submit your security issue to https://www.upsecurit.com/en/upsecurit Please fill as much details as you can and the steps to reproduce the issue. Video, Screenshot and script files are accepted to verify a vulnerability.
Let us know of a potential security issue and we will work hard to solve it.
Follow UpSecurIT's disclosure guidelines. Please provide a detailed report with reproducible steps.
Submissions with missing reports will not be eligible.
If there are two duplicate reports, we will only recognize the first provided.
When testing, please only attack the account that you control.
Don't disclose the report outside the UpSecurIT platform prior to us making it public.
Public disclosure is prohibited without the express prior written consent of the service provider.
Immediately notify UpSecurIT if any user data other than your own is unintentionally accessed.
Automated Vulnerability Scans are strictly prohibited
Do not attack our end users, or engage in the trade of stolen user credentials
Refrain from Denial of Service, Spamming and Social Engineering (including phishing)
Any physical attempts against UpSecurIT's property or data centers are not allowed.
In-Scope Domains and Properties
Anything not listed in the Scope should not be tested. This includes third party sites that are the result of a redirection from our websites.
Qualifying bugs will be rewarded based on the following tab. All other vulnerabilities will be rewarded with points.
The following issues are already known to our Security Team, please don't submit reports related to them.
Server Version Enabled _Server Methods _Low Impact Vulnerabilities