View RSS Feed


Entries with no category

  1. SQL Injection Vulnerability in ebay

    Title: SQL Injection Vulnerability in sub domains
    Author: Yogesh D Jaygadkar
    Reported: December 27, 2012
    Fixed: Jan 15, 2013
    Public Released: Jan 25, 2013
    Thanks To: Darshit Ashara
    Greets : Rahul Bro, Aasim, Sandeep, Sagar


    Last Month I reported SQL Injection vulnerabilities in sub domains. You can see how many days they took for patching & allowing me to publish the vulnerability. But finally ...
  2. Password Reset Vulnerability in

    Hi Friends & All Big Bros

    Yesterday i received my first white hat bounty from for finding password related vulnerability.

    In, when users reset their password, they receives password reset link which is as below.

    h##ps://[User Email ID]&code=[Token code]&action=reset_password&utm_source=account&utm_medi um=trans_email&utm_campaign=forgot_password_1

    I ...