Header Ads

Yahoo Paid a biggest bug bounty $15,000 Flickr vulnerability

Yahoo  owned Flicker one of  the  biggest online photo management and sharing website in the  world was recently impacted by critical web application vulnerabilities , which left the website 's database and server vulnerable for hackers.

The bug  was  found  by  Ibrahim Raafat   a security researcher from Egypt SQL injection vulnerabilities on Flickr Photo Books,  a new feature for  printing  custom photo books trough Flickr launched 5 months ago.

He  found two parameters  (page id , item) that are vulnerable to blind on SQL injection and Remote Code execution.

Video Demo by Ibrahim Raafat:

Ibrahim Raafat  received the highest bounty payout  $15,000 , the report Flickr vulnerabilities  has been patch.

No comments

blogmytuts. Powered by Blogger.