Bug BountyFind a vulnerability on the AvanMarket service
and receive a reward
Anyone can participate in the bug bounty! When you discover a vulnerability, you must prepare a report describing the problem and how to exploit it and send it to us.
RewardsSetting strict boundaries and reward prices is quite difficult, as vulnerabilities and bugs can be of completely different nature and cause varying degrees of damage to the serviceWe have tried to collect all the main types of vulnerabilities for which a reward can be received, and also marked them with severity categories. The higher the severity level, the higher the reward.
Low
Medium
High
Minor visual bugs
50 – 150 USDT
50 – 150
USDT
Bugs that interfere with use Service
150 – 500 USDT
150 – 500 USDT
150 – 500
USDT
Vulnerabilities affecting service functionality
500 – 1 200 USDT
500 – 1 200
USDT
User data leak
1 200 – 3 000 USDT
1 200 – 3 000
USDT
Financial vulnerability
3 000 – 5 000 USDT
3 000 – 5 000
USDT
Complete system compromise / admin access
5 000 – 7 000 USDT
5 000 – 7 000
USDT
Low
Medium
High
How does it work?1
You find a bug and report it using
a special form2
The vulnerability is reviewed
by our team of specialists3
If necessary, we request
additional confirmation4
Upon confirmation, you receive a payment
commensurate with the vulnerability foundReceive a reward ofReceive a reward
$ 50 — $ 7.000
for the vulnerabilities foundWe don't have strict requirements for bug bounty participants. Anyone can try their hand and earn a reward! If you discover vulnerabilities, please submit a report A reporting document that describes the vulnerabilities themselves and how to exploit them.
