Vulnerability Reward Program
Help the crypto community get better and get rewarded for it!
Qmall reserves the right to cancel or amend the terms of the bounty program at its sole discretion.
Rewards will be credited to users within two weeks after the report is verified.
Rewards will be paid in QMALL token or in US dollars. Qmall may pay an additional bonus at its sole discretion.
Qmall will only reward users who first report any vulnerability. If approved, other reports of the same vulnerability will not be rewarded.
Remote code execution
Partial Authentication Bypass
Theft of confidential information
Financial vulnerability and personal data
These generally do not correspond to the severity threshold: DDoS, Self-XSS, Spam, Social engineering