The Hacker News Logo
Subscribe to Newsletter

The Hacker News — Cyber Security and Hacking News Website: shell script

Flickr vulnerable to SQL Injection and Remote Code Execution Flaws

Flickr vulnerable to SQL Injection and Remote Code Execution Flaws

April 14, 2014Wang Wei
Yahoo-owned Flickr , one of the biggest online photo management and sharing website in the world was recently impacted by critical web application vulnerabilities, which left website's database and server vulnerable hackers. Ibrahim Raafat , a security researcher from Egypt has found SQL injection vulnerabilities on  Flickr Photo Books , new feature for printing custom photo books through Flickr that was launched 5 months ago. He claimed to have found two parameters ( page_id , items ) vulnerable to Blind SQL injection and one  (i.e. order_id ) Direct SQL Injection that allowed him to query the Flickr database for its content by the injection of a SQL SELECT statements. A Successful SQL exploitation could allow an attacker to steal the Database and MYSQL administrator password. Furthermore, Flickr's SQL injection flaws also facilitate the attacker to exploit remote code execution on the server and using  load_file(“/etc/passwd“)   function he was successfu
WordPress plugin W3 Total Cache critical Vulnerability disclosed

WordPress plugin W3 Total Cache critical Vulnerability disclosed

December 26, 2012Wang Wei
One of the most popular Wordpress Plugin called " W3 Total Cache " which is used to Improve site performance and user experience via caching, having potential vulnerability. On Christmas day, someone disclose it on full-disclosure site that how a plugin misconfiguration leads to possible Wordpress cms hack. The loophole is actually activated on the fact that how W3TC stores the database cache. Jason disclosed that cache data is stored in public accessible directory, from where a malicious attack can can retrieve password hashes and other database information. Default location where this plugin stores data is " /wp-content/w3tc/dbcache/ " and if directory listing is enabled, attacker can browse and download it. He said," Even with directory listings off, cache files are by default publicly downloadable, and the key values / file names of the database cache items are easily predictable. " Because the plugin is very famous ,so this makes quite
Exclusive Deals

Get Daily News Updates By Email

Join over 350,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.