The bug was found by Ibrahim Raafat, a security researcher from Egypt, who discovered SQL injection vulnerabilities in Flickr Photo Books, a new feature for printing custom photo books through Flickr that launched 5 months ago.
He found two parameters (page id, item) that were vulnerable to blind SQL injection and remote code execution.
Video Demo by Ibrahim Raafat:
Ibrahim Raafat received the highest bounty payout, $15,000, and the reported Flickr vulnerabilities have been patched.













