- Apr 25, 2013
- 5,355
Yahoo! Contributors Network (contributor.yahoo.com), the network of authors that generated the contents such as photographs, videos, articles and their knowledge to more than 600 million monthly visitors, was vulnerable to a Time based Blind SQL Injection vulnerability.
Behrouz Sadeghipour, a security researcher reported the Blind SQLi vulnerability in Yahoo!’s website that could be exploited by hackers to steal users’ and authors’ database, containing their personal information.
Behrouz reported this flaw to Yahoo! Security team few months back. The team responded positively and within a month they patched the vulnerability successfully. Unfortunately after that Yahoo! announced to shut down ‘Yahoo Contributors Network’ due to its decreasing popularity and removed all the contents from the web, except some of the “work for hire” content may remain on the web.
Full Article
Behrouz Sadeghipour, a security researcher reported the Blind SQLi vulnerability in Yahoo!’s website that could be exploited by hackers to steal users’ and authors’ database, containing their personal information.
Behrouz reported this flaw to Yahoo! Security team few months back. The team responded positively and within a month they patched the vulnerability successfully. Unfortunately after that Yahoo! announced to shut down ‘Yahoo Contributors Network’ due to its decreasing popularity and removed all the contents from the web, except some of the “work for hire” content may remain on the web.
Full Article