We attempt to verify submitted code. We ask that you include in your exploit code a download link to the vulnerable software when applicable, and we will do our best to host the file locally.
We will NOT accept, process or post any vulnerabilities which are demonstrated on live websites.
We have changed our submittals policy, please read carefully:
1) We will not accept non presistent XSS vulnerabilities
2) We will not accept XSS vulnerabilities for minor applications.
3) We will not accept vulnerability reports without triggering details.
4) We will not accept exploits for software which can't be found on the internet.
5) We will not accept duplicate exploits that are simply written in a different language.
Ideally, your exploit should contain at least these headers:
# Exploit Title: [title]
# Date: [date]
# Author: [author]
# Software Link: [downoad link if available]
# Version: [app version]
# Tested on: [relevant os]
# CVE : [if exists]
# Code : [exploit code]