find bugs, get rewards
1.
Client mail, phone numbers, or service information
in general access to any conf.
2.
arbitrary code execution
3.
removal, reinstallation and other critical actions with client VPS
any Improper interaction with services and customers
And other ways to identify client conf.
Remote code execution (RCE)
€600 - €2000
Local files access and more.
€200 - €1200
SQL Injection
€200 - €1200
IDORs / Disclosure of sensitive information / Memory leaks
€32 - €730
Non-critical backend bugs
€5 - €10
(!) only new errors are paid
Other vulnerabilities found
depends on criticality
Payments are made after the discovery and verification of a vulnerability within two business days. The reward will be credited to Aéza personal account bonus balance, from which up to 50% of the reward amount could be withdrawn.
If you haven't found the answer to your question - write to the chat, we will prompt
The bug bounty program is an initiative that allows interested parties (individuals, security researchers, etc.) to find vulnerabilities in web applications, mobile applications, software and other digital products of a company, providing them with a reward for the security bugs they find.
To participate in our bug bounty program, you must complete the following steps: Read our terms and conditions on the bug bounty page on our website. Study our vulnerability identification system. Send your report on the vulnerability found through our system. Wait for a response from our security team, who will review your report. If your message is found to be reliable and a vulnerability-related change is made, we will pay you a reward in accordance with our program.
The amount of the reward depends on the type and severity of the vulnerability.
Yes, participation in our company's bug bounty program is completely legal and in accordance with international standards.
We strive to respond quickly to every vulnerability report received through our bug bounty program.