Vulnerability Disclosure Program (VDP)

VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.

shutterfly_vdp

HackerOneView on HackerOne
RawAI Enhanced
35
In Scope
2
Out of Scope
In-Scope Assets (35)
AssetCategoryBountyQuick Links
*.lifetouch.comWILDCARDNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
*.photoccino.comWILDCARDNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
*.sbs.shutterfly.comWILDCARDNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
*.sf-cdn.comWILDCARDNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
*.shutterfly.comWILDCARDNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
*.snapfish.comWILDCARDNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
Snapfish Photo Tile Wall Decor / com.snapfish-llc.SnapfishExpressIOSNo-
Snapfish: Photos Cards & Books / com.hp.SnapfishIOSNo-
Snapfish: Prints + Photo Books / com.snapfish.mobileANDROIDNo-
admin.spoonflower.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
api-gateway.spoonflower.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
blog.spoonflower.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
cart.spoonflower.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
com.shutterflyANDROIDNo
Play StoreAPKPureAPKMirror
com.shutterfly.ShutterflyUploaderIOSNo-
https://www.cvs.com/photo/URLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
jcpportraits.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
lifetouch.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
photo.walgreens.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
preschoolsmiles.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
prestigeportraits.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
shutterfly-prod.auth.us-east-1.amazoncognito.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
shutterfly.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
snapfish.co.nzURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
snapfish.co.ukURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
snapfish.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
snapfish.com.auURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
snapfish.deURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
snapfish.frURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
snapfish.ieURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
snapfish.itURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
staging.spoonflower.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
tinyprints.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
wgwebservices.snapfish.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
www.spoonflower.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
Out-of-Scope Assets (2)
AssetCategoryBounty
https://*.cvs.com/WILDCARDNo
https://*.walgreens.com/WILDCARDNo
Scope Changes (111)
Feb 25, 2026
ChangeAssetCategoryScopeTime
Addedstaging.spoonflower.comURLIn Scope21:23
Addedshutterfly-prod.auth.us-east-1.amazoncognito.comURLIn Scope21:23
Addedwww.spoonflower.comURLIn Scope21:23
Addedcart.spoonflower.comURLIn Scope21:23
Addedapi-gateway.spoonflower.comURLIn Scope21:23
Addedadmin.spoonflower.comURLIn Scope21:23
Addedsnapfish: prints + photo books / com.snapfish.mobileANDROIDIn Scope20:23
Addedsnapfish.co.nzURLIn Scope20:23
Addedprestigeportraits.comURLIn Scope20:23
Addedsnapfish.comURLIn Scope20:23
Added*.lifetouch.comWILDCARDIn Scope20:23
Added*.cvs.comWILDCARDOut of Scope20:23
Added*.shutterfly.comWILDCARDIn Scope20:23
Addedlifetouch.comURLIn Scope20:23
Addedsnapfish photo tile wall decor / com.snapfish-llc.snapfishexpressIOSIn Scope20:23
Addedhttps://www.cvs.com/photoURLOut of Scope20:23
Added*.photoccino.comWILDCARDIn Scope20:23
Addedpreschoolsmiles.comURLIn Scope20:23
Addedsnapfish.itURLIn Scope20:23
Added*.sf-cdn.comWILDCARDIn Scope20:23
Addedjcpportraits.comURLIn Scope20:23
Addedshutterfly.comURLIn Scope20:23
Addedsnapfish.ieURLIn Scope20:23
Addedsnapfish.co.ukURLIn Scope20:23
Addedphoto.walgreens.comURLIn Scope20:23
Added*.sbs.shutterfly.comWILDCARDIn Scope20:23
Addedcom.shutterfly.shutterflyuploaderIOSIn Scope20:23
Addedsnapfish: photos cards & books / com.hp.snapfishIOSIn Scope20:23
Addedsnapfish.deURLIn Scope20:23
Addedsnapfish.com.auURLIn Scope20:23
Added*.snapfish.comWILDCARDIn Scope20:23
Added*.walgreens.comWILDCARDOut of Scope20:23
Addedtinyprints.comURLIn Scope20:23
Addedblog.spoonflower.comURLIn Scope20:23
Addedcom.shutterflyANDROIDIn Scope20:23
Addedsnapfish.frURLIn Scope20:23
Addedwgwebservices.snapfish.comURLIn Scope20:23
Feb 24, 2026
ChangeAssetCategoryScopeTime
Addedcart.spoonflower.comURLIn Scope04:16
Addedapi-gateway.spoonflower.comURLIn Scope04:16
Feb 23, 2026
ChangeAssetCategoryScopeTime
Addedapi-gateway.spoonflower.comURLIn Scope23:16
Addedcart.spoonflower.comURLIn Scope23:16
Feb 22, 2026
ChangeAssetCategoryScopeTime
Addedsnapfish: prints + photo books / com.snapfish.mobileANDROIDIn Scope00:42
Addedcom.shutterflyANDROIDIn Scope00:42
Addedtinyprints.comURLIn Scope00:42
Addedsnapfish.com.auURLIn Scope00:42
Added*.sbs.shutterfly.comWILDCARDIn Scope00:42
Addedblog.spoonflower.comURLIn Scope00:42
Addedjcpportraits.comURLIn Scope00:42
Addedprestigeportraits.comURLIn Scope00:42
Added*.shutterfly.comWILDCARDIn Scope00:42
Addedsnapfish.itURLIn Scope00:42
Addedphoto.walgreens.comURLIn Scope00:42
Added*.lifetouch.comWILDCARDIn Scope00:42
Added*.photoccino.comWILDCARDIn Scope00:42
Addedsnapfish photo tile wall decor / com.snapfish-llc.snapfishexpressIOSIn Scope00:42
Addedcom.shutterfly.shutterflyuploaderIOSIn Scope00:42
Addedsnapfish: photos cards & books / com.hp.snapfishIOSIn Scope00:42
Addedsnapfish.co.nzURLIn Scope00:42
Addedsnapfish.comURLIn Scope00:42
Addedsnapfish.ieURLIn Scope00:42
Addedsnapfish.co.ukURLIn Scope00:42
Addedwgwebservices.snapfish.comURLIn Scope00:42
Addedwww.spoonflower.comURLIn Scope00:42
Addedlifetouch.comURLIn Scope00:42
Addedshutterfly.comURLIn Scope00:42
Added*.sf-cdn.comWILDCARDIn Scope00:42
Added*.cvs.comWILDCARDOut of Scope00:42
Addedsnapfish.deURLIn Scope00:42
Addedsnapfish.frURLIn Scope00:42
Added*.snapfish.comWILDCARDIn Scope00:42
Addedhttps://www.cvs.com/photoURLIn Scope00:42
Addedadmin.spoonflower.comURLIn Scope00:42
Addedstaging.spoonflower.comURLIn Scope00:42
Addedshutterfly-prod.auth.us-east-1.amazoncognito.comURLIn Scope00:42
Added*.walgreens.comWILDCARDOut of Scope00:42
Addedpreschoolsmiles.comURLIn Scope00:42
Feb 21, 2026
ChangeAssetCategoryScopeTime
Addedblog.spoonflower.comURLIn Scope19:12
Added*.shutterfly.comWILDCARDIn Scope19:12
Addedlifetouch.comURLIn Scope19:12
Addedjcpportraits.comURLIn Scope19:12
Addedprestigeportraits.comURLIn Scope19:12
Addedpreschoolsmiles.comURLIn Scope19:12
Addedshutterfly.comURLIn Scope19:12
Addedcom.shutterfly.shutterflyuploaderIOSIn Scope19:12
Addedcom.shutterflyANDROIDIn Scope19:12
Addedtinyprints.comURLIn Scope19:12
Addedsnapfish: photos cards & books / com.hp.snapfishIOSIn Scope19:12
Addedsnapfish: prints + photo books / com.snapfish.mobileANDROIDIn Scope19:12
Addedsnapfish photo tile wall decor / com.snapfish-llc.snapfishexpressIOSIn Scope19:12
Addedsnapfish.comURLIn Scope19:12
Addedsnapfish.deURLIn Scope19:12
Addedsnapfish.frURLIn Scope19:12
Addedsnapfish.ieURLIn Scope19:12
Addedsnapfish.itURLIn Scope19:12
Addedsnapfish.co.ukURLIn Scope19:12
Addedsnapfish.com.auURLIn Scope19:12
Addedsnapfish.co.nzURLIn Scope19:12
Addedphoto.walgreens.comURLIn Scope19:12
Added*.snapfish.comWILDCARDIn Scope19:12
Added*.sf-cdn.comWILDCARDIn Scope19:12
Addedwgwebservices.snapfish.comURLIn Scope19:12
Addedhttps://www.cvs.com/photoURLIn Scope19:12
Added*.lifetouch.comWILDCARDIn Scope19:12
Added*.photoccino.comWILDCARDIn Scope19:12
Added*.sbs.shutterfly.comWILDCARDIn Scope19:12
Addedwww.spoonflower.comURLIn Scope19:12
Addedadmin.spoonflower.comURLIn Scope19:12
Addedstaging.spoonflower.comURLIn Scope19:12
Addedshutterfly-prod.auth.us-east-1.amazoncognito.comURLIn Scope19:12
Added*.cvs.comWILDCARDOut of Scope19:12
Added*.walgreens.comWILDCARDOut of Scope19:12