That's kind bad - first of all 50$ can be really low depending on the region, but more importantly this disregards the time spend on looking for exploits that don't pan out.

So I would multiply that 50$ by at least 4.

But still like the other said bugs should pay by severity not by time spent.