| Version | Supported |
|---|---|
| 4.x | ✅ Active support |
| 3.x | |
| 2.x | ❌ End of life |
| 1.x | ❌ End of life |
If you discover a security vulnerability in VIP SQLi Scanner itself (not in targets being scanned), please follow responsible disclosure:
- Do NOT open a public issue.
- Email: Send details to
viphacker100@proton.me - Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
| Action | Timeline |
|---|---|
| Acknowledgment | Within 48 hours |
| Initial assessment | Within 1 week |
| Fix release | Within 2 weeks (critical) |
| Public disclosure | After fix is released |
- Authentication bypass in the dashboard
- SQL injection in the dashboard's own database queries
- Remote code execution via payloads or plugins
- Unauthorized data access via API endpoints
- Dependency vulnerabilities
- Vulnerabilities in scan targets (that's the scanner's job!)
- Social engineering attacks
- Physical security
- Issues in third-party services (Slack, Jira, AWS)
We support safe harbor for security researchers who:
- Act in good faith
- Avoid impacting other users
- Report vulnerabilities responsibly
- Do not exploit vulnerabilities beyond verification
EST 2026 · viphacker100 (Aryan Ahirwar)