2 matches found
Yelp: Multiple Vulnerabilities in (*.blog.yelp.com) - Leakage user admin Sensitive Exposure
Hi! Team @yelp, We Found Multiple Vulnerabilities in you websites , Username Admin Login Sensitive Exposure Refferals Hackerone 753725 Platforms Affected: website . https://blog.yelp.com/wp-json/ user-admin sensitive exposure . https://blog.yelp.com/wp-login.php Admin-Page disclousure Steps To...
Yelp: DoS of https://blog.yelp.com/ and other WP instances via CVE-2018-6389
Description: There is possibility in /wp-admin/load-scripts.php script to generate large 3Mb amount of data via simple non-authenticated request to server. The vulnerability is registered as https://vulners.com/cve/CVE-2018-6389 Details: Detailed attack scenario is described for example here:...