Vulnerability Reward Program

Help the crypto community get better and get rewarded for it!

Rules

Qmall reserves the right to cancel or amend the terms of the bounty program at its sole discretion.
Rewards will be credited to users within two weeks after the report is verified.
Rewards will be paid in QMALL token or in US dollars. Qmall may pay an additional bonus at its sole discretion.
Qmall will only reward users who first report any vulnerability. If approved, other reports of the same vulnerability will not be rewarded.

Awards

500$
Remote code execution
500$
LFI/LFI/SQLi
500$
Balance Manipulation
300$
Partial Authentication Bypass
300$
Theft of confidential information
300$
Financial vulnerability and personal data
These generally do not correspond to the severity threshold: DDoS, Self-XSS, Spam, Social engineering

Thanks for helping keep the exchange community safe!