Bug bounty
Triaged by Hackenproof

Tickets Travel Network / Mobile : Program info


Company: Tickets Travel Network
This program is active now

Tickets Travel Network is one of the most distinctive and expansive travel distribution companies in the EMEA region. As a smart travel provider, we offer our customers a wide range of products: flights, train and bus journeys.

In scope
Target          Type     Severity  Reward  URL
Tickets.ua      Android  Critical  Bounty  https://play.google.com/store/apps/details?id=ua.tickets.gd&hl=uk
Tickets.ua      iOS      Critical  Bounty  https://apps.apple.com/ua/app/tickets-ua/id731435070
Tickets.kz      Android  Critical  Bounty  https://play.google.com/store/apps/details?id=kz.tickets.avia&gl=US&hl=ru
Tickets.kz      iOS      Critical  Bounty  https://play.google.com/store/apps/details?id=kz.tickets.avia&gl=US&hl=ru
Tickets.pl      Android  Critical  Bounty  https://play.google.com/store/apps/details?id=pl.tickets.avia&referrer=utm_source%3Dmainweb%26utm_medium%3Dbadge&hl=en
Tickets.pl      iOS      Critical  Bounty  https://apps.apple.com/pl/app/tickets-pl/id1144507663?l=pl
Kissandfly.com  Android  Critical  Bounty  https://play.google.com/store/apps/details?id=com.kissandfly.avia
Kissandfly.com  iOS      Critical  Bounty  https://apps.apple.com/us/app/kissandfly/id6499211323

Focus Area

IN SCOPE VULNERABILITIES (MOBILE)

We are interested in the following vulnerabilities:

  • Business logic issues
  • Payments manipulation
  • Remote code execution (RCE)
  • Injection vulnerabilities (SQL, XXE)
  • File inclusions (Local & Remote)
  • Access Control Issues (IDOR, Privilege Escalation, etc)
  • Leakage of sensitive information
  • Server-Side Request Forgery (SSRF)
  • Cross-Site Request Forgery (CSRF)
  • Cross-Site Scripting (XSS)
  • Directory traversal
  • Other vulnerability with a clear potential loss

OUT OF SCOPE VULNERABILITIES

  • Attacks requiring physical access to a user's device
  • Vulnerabilities that require root/jailbreak
  • Vulnerabilities requiring extensive user interaction
  • Exposure of non-sensitive data on the device
  • Reports from static analysis of the binary without PoC that impacts business logic
  • Lack of obfuscation/binary protection/root(jailbreak) detection
  • Bypass certificate pinning on rooted devices
  • Lack of exploit mitigations, e.g., PIE, ARC or stack canaries
  • Sensitive data in URLs/request bodies when protected by TLS
  • Path disclosure in the binary
  • OAuth & app secret hard-coded/recoverable in IPA, APK
  • Sensitive information retained as plaintext in the device’s memory
  • Crashes due to malformed URL Schemes or Intents sent to exported Activity/Service/Broadcast Receiver (exploiting these for sensitive data leakage is commonly in scope)
  • Any kind of sensitive data stored in-app private directory
  • Runtime hacking exploits using tools like but not limited to Frida/Appmon (exploits only possible in a jailbroken environment)
  • Shared links leaked through the system clipboard
  • Any URIs leaked because a malicious app has permission to view URIs opened
  • Exposure of API keys with no security impact (Google Maps API keys etc.)

Program Rules

  • Avoid using web application scanners for automated vulnerability searching, which generates massive traffic
  • Make every effort not to damage or restrict the availability of products, services or infrastructure
  • Avoid compromising any personal data, interruption or degradation of any service
  • Don’t access or modify other user data, localize all tests to your accounts
  • Perform testing only within the scope
  • Don’t exploit any DoS/DDoS vulnerabilities, social engineering attacks or spam
  • Don’t spam forms or account creation flows using automated scanners
  • If you find a chain of vulnerabilities, we'll pay only for the vulnerability with the highest severity
  • Vulnerabilities found in any other regional domain with the same codebase will be considered the same vulnerability
  • Only the first valid bug is eligible for the reward
  • Don’t break any law and stay in the defined scope
  • Any details of found vulnerabilities must not be communicated to anyone who is not a member of the HackenProof team or an authorized employee of this Company without appropriate permission

Rewards

Range of bounty: $50 - $2,000

Severity  Reward
Critical  $1,500 - $2,000
High      $900 - $1,500
Medium    $300 - $700
Low       $50 - $100

Stats

Scope Review: 3523
Submissions: 20
Total rewards: $6,300
Types: apps
Platforms: iOS, Android

Hackers (10)

Mohamed Abozaid 1
Bogdan Bodisteanu 2

SLA (Service Level Agreement)

Time within which the program's triage team must respond

Response Type    Business days
First Response   7d
Triage Time      10d
Reward Time      1d
Resolution Time  15d