- VADAQ CHX 5800 Gas-Powered Chainsaw
- VADAQ HDX 4200 Cordless Rotary Hammer Drill
- VADAQ CSX 7200 Circular Saw
- VADAQ GSCX 3200 Dual-Action Polisher
- VADAQ AGX-8800 Cordless Angle Grinder
- VADAQ XRX 8800 Reciprocating Saw
- VADAQ GBX 2500 Bench Grinder
- VADAQ PLX-7200 Professional Electric Polisher
- VADAQ GSCX 5900 Dual-Action Polisher
- VADAQ TQX-4500 Heavy-Duty Impact Wrench
Report a Security Issue
If you discover a security vulnerability on Vadaq.com, we encourage you to notify us immediately. We review all legitimate reports thoroughly and strive to resolve any issues as quickly as possible. Before submitting your report, please review the guidelines below, which cover key principles, our bounty program, reward criteria, and what should not be reported.
Principles
When reporting a security issue to Vadaq.com , if you follow these principles, we will not take legal action or enforcement against you in response to your good-faith report:
- Please allow us a reasonable amount of time to investigate and fix the reported issue before making any details public or sharing them elsewhere.
- Do not access or modify private accounts without the explicit consent of the account owner.
- Make a sincere effort to avoid privacy violations and disruptions, including data destruction or service interruptions.
- Do not exploit the vulnerability for any reason, including attempting to escalate privileges or uncover additional issues.
- Comply with all applicable laws and regulations during your investigation.
Bounty Program
We value and reward security researchers who help us keep our services safe by reporting vulnerabilities. Monetary rewards are granted at Vadaq.com ’s discretion based on risk, impact, and other factors. To qualify for a bounty, you must:
- Adhere to the principles above.
- Report a valid security vulnerability that poses a risk to our platform or users. (Note that not all bugs are security issues — Vadaq.com makes the final determination.)
- Submit your report via our official security channel — please do not contact employees directly.
- Disclose any unintended privacy breaches or disruptions caused during your investigation.
- Understand that we prioritize reports based on severity, so response times may vary.
- Agree that we reserve the right to publish valid reports.
Rewards
Rewards depend on the severity and impact of the vulnerability. We update the program periodically and welcome your feedback.
- Reports must include detailed, reproducible steps; incomplete reports are not eligible.
- The first valid report of a vulnerability is rewarded in cases of duplicates.
- Multiple related vulnerabilities from the same root cause will be rewarded with one bounty.
- Rewards are determined by factors like impact, exploit difficulty, and report quality. All rewards are at our discretion.
Maximum reward amounts by severity:
- Critical ($200): Issues such as privilege escalation, remote code execution, financial theft, etc.
Examples:- Remote code execution
- Remote shell access
- Vertical authentication bypass
- SQL injection exposing data
- Full account compromise
- High ($100): Issues impacting platform security or critical processes.
Examples:- Lateral authentication bypass
- Exposure of sensitive company data
- Stored XSS affecting other users
- Local file inclusion
- Improper cookie handling
- Medium ($50): Affect multiple users and require minimal user interaction.
Examples:- Logic flaws or business process bugs
- Insecure object references
- Low: Affect individual users and require significant interaction or conditions.
Examples:- Open redirects
- Reflective XSS
- Minor information leaks
Contact Information:
Vadaq LLC
For any questions or concerns, please visit our Contact Us page.
📍 Address: 410 West 61st Street Minneapolis, MN 55419 United States of America
📞 Phone:+1 (320) 297 4480
📧 Email: contact@vadaq.com
🕒 Hours of Operation:
Monday to Friday — 8:00 AM to 7:00 PM PST