Security Policy

Hall of Fame

The security of our products and services is top priority for us – so we naturally respect and appreciate the work of security experts in this area. You can also help us by identifying vulnerabilities so we can address them. Thexyz wishes to thank and acknowledge the security experts who are the first to identify vulnerabilities. Thanks to their support and the countermeasures developed by us, we continue to enhance the security of our products and services.

Security Researchers

Julien Cretel
Edwina Pickering
Shawar Khan
Norman Kemp
Mo Shah
Lance Burrows

Security Bounty Program

Security researchers play an important part in helping keep our product secure. Our Security Bounty Program is our way to reward security researchers for finding and reporting security vulnerabilities to us.

How do I participate?

You can submit a report by clicking the link below.

How much do you pay for the discovery of security vulnerabilities?

Rewards range from $50.00 to $5,000.00 depending on the type and severity of the vulnerability being reported. Rewards can be paid out via PayPal or BitCoin.

What qualifies as a vulnerability?

Any design or implementation issue within Thexyz environment that substantially affects the confidentiality or integrity of user data or the system.

Examples include:

  • Cross-site scripting
  • Cross-site Request Forgery
  • Privilege escalation
  • Authentication or Authorization flaws
  • Information Disclosure

What is out of Scope?

  • Known issues or previously reported vulnerabilities
  • Security vulnerabilities in third-party applications that integrate with WHMCS.
  • Security vulnerabilities in the underlying operating system.

Submit Report

You can submit a report below

Submit Security Report

Email Hosting

Why Thexyz?

Help & Support

Learn more

Terms of Service Sitemap

Copyright © Thexyz Inc.