Vulnerability Disclosure Program

At Innoplexus, we follow strong European/ German rules and have high standard processes in place. Thus, customers trust in our capabilities. Information security is a key aspect of any organisation today. That’s why we take the challenge and want to encourage, support, and celebrate independent open security research. Our vision is to have an even better and stronger Innoplexus in terms of security as a result of this program.

Please submit a detailed report of your research while following our guidelines below.


If you believe you have found any security (technical) vulnerability in our products or services, you are welcome to submit a vulnerability report to ““.

In case of reporting any security vulnerability/Issues, please ensure that you have included following information (Qualified Reporting):

1) The main URL where the vulnerability is located.

2) A detailed description with necessary screenshots.

3) Versions of web components related to the vulnerability (browser, OS, APP version, etc.).

4) Steps to reproduce the vulnerability and your advice to fix it.

5) Tools used while performing the test

6) Any other useful information that you think we must know.



We will review and respond as quickly as possible to your submission, and keep you informed as we work to fix the vulnerability/issue you submitted(Valid bugs). Based on the research report that you submit to us, We will include your name in our Hall of fame(HOF).

We may contact you for further information if necessary.


The main categories of vulnerabilities that we are sincerely looking for are:

1) Cross-site Scripting (XSS)

2) Cross-site Request Forgery (CSRF)

3) Server-Side Request Forgery (SSRF)

4) SQL Injection

5) Remote Code Execution (RCE)

6) XML External Entity Attacks (XXE)

7) Access Control Issues (Insecure Direct Object Reference issues, etc.)

8) Exposed Administrative Panels without strong protection

9) Directory Traversal Issues

10) Local File Disclosure (LFD)

11) User Sensitive Information Leakage

12) Any other issue that you think is important

Ineligible Reports

1) Vulnerabilities affecting users of outdated browsers or platforms: IE < 9, Chrome < 40, Firefox < 35, Safari < 7, Opera < 13

2) “Self” XSS

3) Missing cookie flags

4) Mixed content warnings

5) SSL/TLS best practices

6) Clickjacking/UI redressing

7) Reflected file download attacks (RFD)

8) Physical or social engineering attacks

9) Unverified Results of automated tools or scanners

10) Login/logout/unauthenticated/low-impact CSRF

11) Issues related to networking protocols or industry standards

12) Missing security-related HTTP headers which do not directly lead to a vulnerability






We will continue to add new domains in the next few weeks as we start receiving research reports.

“Hall of Fame” is a leaderboard for all hackers who found a security vulnerability for the domains listed, and have submitted their report at Before submitting the report they have to acknowledge and agree to the terms and condition of the program.

Akshat Dubey
Download Technology Capabilities
close slider

Download Technology Capabilities