Wednesday, 23 November 2016

Yahoo Web Security Bug Bounty : Phpmyadmin access make data on risk

Yahoo Web Security Bug Bounty :  Phpmyadmin access make data on risk



 

Little Insight: 


 Vulnerability in Yahoo bug bounty  data on risk 


Vulnerable Website: 

http://tw.page.games.yahoo.net/phpmyadmin/setup/index.php?page=form&formset=Left_frame#tab_Left_tables


Impact: As you can see in the following screenshot I managed to login into phpmyadmin




 


Reward For  Phpmyadmin access  Vulnerability  : 500$

 

More Information

Thank you for your report, normally this would be out of scope but we felt this was a good find and we awarded a discretionary bounty.

The vulnerability mentioned here has been confirmed patched by the Yahoo Security Team.