Wednesday 23 November 2016

Yahoo Web Security Bug Bounty : Phpmyadmin access make data on risk

Yahoo Web Security Bug Bounty :  Phpmyadmin access make data on risk



 

Little Insight: 


 Vulnerability in Yahoo bug bounty  data on risk 


Vulnerable Website: 

http://tw.page.games.yahoo.net/phpmyadmin/setup/index.php?page=form&formset=Left_frame#tab_Left_tables


Impact: As you can see in the following screenshot I managed to login into phpmyadmin




 


Reward For  Phpmyadmin access  Vulnerability  : 500$

 

More Information

Thank you for your report, normally this would be out of scope but we felt this was a good find and we awarded a discretionary bounty.

The vulnerability mentioned here has been confirmed patched by the Yahoo Security Team.

 

Sunday 6 November 2016

WhatsApp : XSS vulnerability can be misused for Spreading Malware


   WhatsApp  XSS vulnerability can be misused for Spreading Malware 

 

 

 

 

Little Insight: 

[ According to FACEBOOK, This XSS could take advantage of the known domain to make phishing attacks easier or can be misused for Spreading Malware   :-)  ]

 

Reward For Whatsapp XSS  Vulnerability  : 1000$












More Information

The vulnerability mentioned here has been confirmed patched by the Facebook Security Team.