Vulnerability Disclosure Program (VDP)

VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.

/engagements/coles-vdp-pro

BugcrowdView on Bugcrowd

RawAI Enhanced

In Scope

Out of Scope

In-Scope Assets (13)

Asset	Category	Bounty	Quick Links
https://cdn.productimages.coles.com.au	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://cellarpress.vintagecellars.com.au/	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://prod1apiportal.cmltd.net.au/api-details#api=CUSPGraphQLAPI-v1	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://productscdnprodb5fc14.blob.core.windows.net	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://svt2apigw.cmltd.net.au/digital/search/v1/	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://theliquorcabinet.liquorland.com.au/	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://themarket.firstchoiceliquor.com.au/	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://www.coles.com.au	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://www.colesliquorcorporate.com.au/	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://www.firstchoiceliquor.com.au/	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://www.liquorconnection.com.au/	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://www.liquorland.com.au/	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://www.vintagecellars.com.au/	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa

Out-of-Scope Assets (8)

Asset	Category	Bounty
Payments	OTHER	No
https://apps.apple.com/au/app/coles/id529118855	IOS	No
https://coles.com.au/coles-express	URL	No
https://coles.com.au/credit-cards	URL	No
https://coles.com.au/insurance	URL	No
https://coles.com.au/personal-loans	URL	No
https://play.google.com/store/apps/details?id=com.coles.android.shopmate&hl=en_AU	ANDROID	No
https://secure.coles.com.au	URL	No