JKKNIU Cyber Security Club CTF Platform

Vulnerability Disclosure Program (VDP)

We value the contributions of the security community. If you have discovered a security vulnerability, please review the following rules before submitting your findings.

Disclosure Rules

Only test your own accounts. Do not access or modify other users' data.
Do not run automated scans that generate significant traffic.
Do not publicly disclose the vulnerability before it's resolved.
Do not exploit the vulnerability beyond what's necessary to demonstrate it.
Avoid actions that could negatively impact system performance or availability (e.g., DoS).
Provide a clear, step-by-step report with all necessary reproduction details.
Include screenshots, payloads, or PoC code if possible.
Act in good faith. We welcome responsible hackers who help us improve.

Send your detailed report to:

[email protected]

CC: [email protected]

Use PGP if you prefer encrypted communication. We'll respond promptly and may list you in our Hall of Fame below.

🎯 Vulnerability Point System

CVSS Score Range	Severity	Points Awarded
0.1 – 3.9	Low	10
4.0 – 6.9	Medium	25
7.0 – 8.9	High	50
9.0 – 10.0	Critical	100

🏅 Bonus points may be awarded for high-impact or well-documented reports.

🏆 Hall of Fame

Researcher	Points	Accepted Reports
Md. Khairul Islam	60	3
Mst. Rokeya Akter	50	1
4f0m4	50	1
Salman Sadick	50	2
Shazid Mashrafi	50	1
Umma Lutfia Afroze	50	1