As we all know that Pornhub is a part of the Pornhub NETWORK campaign which is a pornographic video sharing website and the largest pornography site on the Internet. Pornhub was launched in Montreal, providing professional and amateur photography since 2007. Hence, the porn site Pornhub also has offices and servers in San Francisco, Houston, New Orleans and London. In March 2010, the porn site Pornhub was bought by Manwin (now known as MindGeek), which owns numerous other porn websites. Now the Pornhub administration stated that they are ready to pay from $50 to $25 thousand to the vulnerability finder on the website.
Adult Site Launched Bug Bounty ProgramAs the number of hacker attacks and data leaks companies around the world are trying to make a greater effort to ensure the security of corporate and user information. One way to strengthen the protection of sites is to attract third-party researchers to find vulnerabilities. Such a measure is popular among many companies, and resources that offer “adult” entertainment, are no exception.
One of the world’s largest websites with erotic content PornHub together with HackerOne, the provider of a platform which is designed to streamline vulnerability coordination and bug bounty program by enlisting hackers to improve your security. Hence, the platform launched a public program remuneration for the discovered vulnerabilities. The size of the premium varies from $50 to $25 thousand. Depending on the risk of the problem.
Get rewards as much as possible, following a few conditions. First of all, the researcher has to discover the vulnerability which must be previously known along with the new ones. The researcher must have to provide a detailed report on it, and how to operate and fix it, along with the PoC-code and screenshots. Exposing the information about the vulnerability to someone other than PornHub is strictly prohibited.
As we mentioned earlier that the Pornhub administration is ready to pay $50 to $25 thousand, just for reporting the dangerous vulnerability that could allow compromising the server and site. CSRF and XSS vulnerabilities, errors associated with HTTPS etc and the participation in the program is not acceptable.