Blog | G5 Cyber Security

Discovered a Remote Command Execution Vulnerability in Yahoo!

Cyber security expert Ebrahim Hegazy has found a Remote Code Execution vulnerability in a Yahoo server hosting numerous sub-domains. The hacker found the vulnerability at the link that refers to a Yahoo! server which hosts numerous subdomains of the company. The payload used to exploit the flaw was Whoami$ { @print ( system ( whoami)) and System(id) or any other PHP function/code”]

Source: http://securityaffairs.co/wordpress/21631/hacking/remote-command-execution-yahoo.html

Exit mobile version