Attributions & Acknowledgments

We would like to thank the following individuals and organizations for their contributions to making this platform more secure and robust.

Security Vulnerabilities & Bug Reports (real, not simulated)

  • Jovan Simonovski and Stefan Toskovski - 2025-03-29 - Discovered real improper error handling in Search Bond form, now tagged as Improper_Error_Handling_3. Reporting coordinated by Viktor Ivanovski
  • Viktor Ivanovski and Matej Plavevski - 2024-12-16 - Discovered real SQL Injection flaw, bypassing the implemented controls
  • Matej Plavevski - 2024-12-14 - Discovered and reported reflected XSS in the Upload Bond form
  • Viktor Ivanovski - 2024-11-28 - Discovered the fourth IDOR vulnerability of the platform.

Penetration Testing

  • Viktor Ivanovski - 2024-11-11 to 2024-12-02 - Performed a full penetration test and documented the simulated vulnerabilities of YieldCat Platform.

Special Thanks

  • Wekoslav Stefanovski - 2024-12-14 - Workshop Speaker at "The Day After Production"
  • Blashka Gligorov - 2024-12-14 and 2025-03-29 - Workshop Speaker at "The Day After Production"
  • Viktor Ivanovski - 2024-12-14 and 2025-03-29 - Workshop Speaker at "The Day After Production"