Researchers Get $11,171 for reporting multiple vulnerabilities in the eBay Magento eCommerce web application
Posted by SiddhartH SolankI in: hacking news security researcher
Flickr is a very large photo sharing and photograph management system, and it is owned by Yahoo!
A security researcher named Ibrahim Raafat has found that Flickr suffers from SQL injection and remote code execution vulnerabilities. He found two parameters that were vulnerable to SQL injection, named $page_id and $items.
By exploiting this vulnerability he was able to get the MySQL root password. He has reported both the RCE and SQL injection vulnerabilities to Yahoo, and they are now patched.
According to Ibrahim Raafat, most web applications are vulnerable to blind SQL injection, and after deep research you can find direct SQL injection in the web application.
The Heartbleed vulnerability has affected many web applications, as they use OpenSSL encryption to protect their communication.
Some of the companies that were vulnerable to the Heartbleed bug have successfully updated their servers with a patch to fix it.
How to protect yourself from the Heartbleed vulnerability?
To protect yourself from the Heartbleed vulnerability, all you have to do is change all your passwords. You have to change the passwords for your email, Facebook, Twitter and every web application that uses OpenSSL encryption technology.