9 matches found
Yahoo Web Security Bug Bounty : Phpmyadmin access make data on risk
Yahoo Web Security Bug Bounty : Phpmyadmin access make data on risk Little Insight: Vulnerability in Yahoo bug bounty data on risk Vulnerable Website: http://tw.page.games.yahoo.net/phpmyadmin/setup/index.php?page=form&formset=LeftframetabLefttables Impact: As you can see in the following...
WhatsApp : XSS vulnerability can be misused for Spreading Malware
WhatsApp XSS vulnerability can be misused for Spreading Malware Little Insight: According to FACEBOOK,This XSS could take advantage of the known domain to make phishing attacks easier or can be misused for Spreading Malware Reward For Whatsapp XSS Vulnerability : 1000$ My Finding.... Domain:...
Google Web Security Bug Reward: Restricted File Upload in Google Adwords
Google Web Security Bug Reward: Restricted File Upload in Google Adwords Little Insight: Well this is my first Vulnerability in Google bug bounty which I spotted in https://www.google.com/adwords/ Report Date : 10th fab 2014 Reward For Restricted File Upload by pass Vulnerability : 500$ How This...
Ebay INC (Magento) Web Security Bug Bounty: Directory Traversal / Local File Inclusion In magento.com
Little Insight: https://wiki.magento.com was vulnerable to a directory traversal / local file inclusion vulnerability. As a result, it was possible for an attacker to load web server-readable files from the local filesystem. well this LFI very interesting for me because when i am start my work i...
Facebook Web Security Bug Bounty: Directory Traversal Vulnerability / RCE In Parse.com
--- http://parse.com directory traversal vulnerability| Little Insight: http://parse.com was vulnerable to a directory traversal / RCE vulnerability. As a result, it was possible for an attacker to load web server-readable files from the local filesystem. or Run commend on That Well this is my 4t...
Nokia Web Security Bug Reward: Directory Traversal / Local File inclusion Vulnerability
Little Insight: Well this is my first Directory Traversal Vulnerability / Local File inclusion Vulnerability which I spotted in http://conversations.nokia.com Report Date : 5th march 2014 Reward For Directory Traversal Vulnerability : Nokia Lumia 925Phone How This Work when i was testing it was...
Microsoft: Exploiting XSS with clickjacking
Little Insight: Click jacking just hide-the-button-and-follow-the-mouse. also know as UI Redressing its just playing with the UI of the victim application by clicking and mouse event . In this post we'll show UI-Redressing attack and how an attacker may trigger an unexploitable XSS flaw in an...
Nokia : Exploiting cross-site scripting in Referer header in Trade.online.nokia.com
Little Insight: The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks or referer page back link . The payload Referer: javascript:prompt1; was submitted in the Referer HTTP header. This input was store on page back link when user...
Flowdock Web Security Bug Bounty: Directory Traversal / Local File Inclusion In Flowdock.com
Little insight on LFI https://www.flowdock.com was vulnerable to a directory traversal / local file inclusion vulnerability. As a result, it was possible for an attacker to load webserver-readable files from the local filesystem. How This work..? On the Flowdock API documentation source files in ...