Reports in stellar program: S.No Title Bounty 1 HTTP - Basic Authentication on https://www.stellar.org/wp-login.php $0.0 2 Session Cookie without HttpOnly and secure flag set $0.0 3 heap-buffer-overflow (READ of size 1) in cpptoml::parser::consume_whitespace() $0.0 4 Exploitable vulnerability in SDEX $0.0 5 It's possible to put SDX orderbook into invalid state and execute trades at arbitrary price $0.0 6 Admin panel of https://www.stellar.org/wp-admin/ $0.0 7 brute force attack allowed on admin page https://www.stellar.org/wp-admin/ $0.0 8 xss $0.0 9 Direct URL access to PDF files $0.0 10 Bypassing Verify Humans Page $0.0