CYFARE - VULNERABILITY DISCLOSURE PROGRAM / HALL OF FAME
CYFARE.NET

Cyber Security

3D Fabrication

Cyfare Shop

Extra Apps

Social

Cyfare Socials
CYFARE.NET

CYFARE.NET

CyberSec & Tech Products

Hall of Fame

Security researchers who have helped make Cyfare more secure

DNS Rebinding

Disclosed: 2025-06-13

Medium Severity

DNS Rebinding via Link Shortner

Reported By: Suresh S

HTML Injection (Bypass)

Disclosed: 2025-06-11

Medium Severity

HTML Injection filter evasion (bypass) in CyfareGPT Chat

Reported By: Team-DisclosureX Cybrgen

Reflected XSS (Bypass)

Disclosed: 2025-06-07

Medium Severity

Reflected XSS filter evasion (bypass) in CyfareGPT Chat

Reported By: Buvaneshvaran K.

Missing Secure Headers

Disclosed: 2025-01-31

Medium Severity

Inadequate HSTS implementation and missing secure flag for cookies.

Reported By: Abdul Rauf Memon

Reflected XSS

Disclosed: 2024-12-04

Medium Severity

Reflected XSS in CyfareGPT Chat

Reported By: Prithivik SL

DoS Via JSON Injection

Disclosed: 2024-11-03

High Severity

Application DoS via JSON Injection Throughout Site

Reported By: 4nonimus

Honorary Mentions

Honoring disclosures that don't match the vulnerability criteria for cyfare.net, but are valid issues in most scenarios.

Insecure File Upload

Disclosed: 2025-06-12

Informational

Cyfare File Upload allows users to upload any type of file (could be malicious file) without rejection.

Reported By: Thulasi Doss A

Report vulnerabilities in cyfare.net and get recognized in our Hall of Fame.

security@cyfare.net
Beautiful Cyfare Footer