Wednesday, May 1, 2013
0
New Record of Pakistani 14 Years Student Researcher in the field Of Web Application Security
14 Years Old , Pakistani Security Researcher Ali Hasan Ghauri found Cross Site Scripting Vulnerability on many high profile websites. Recently Ali Hasan found and reported XSS vulnerability in one of the biggest website, ebay and its own website shopping.com
Here are some Screen Shots :
Ebay fixed the Vulnerability on both sites and credit his name in Ebay responsible Disclosure Page. This is not finished , he also found XSS Vulnerability on Myspace.com. Myspace don't reply to the Researcher. According to the Researcher , Myspace Vulnerability still exists and he reported about 15 times to the Myspace Security Team but there is no reply to the researcher .
POC is not provided by researcher because the Vulnerability still exists .
Here is Screen Shot :
This young security researcher also found an XSS vulnerability on Cisco website & reported to the Cisco Security Team.
Cisco Replied to Researcher :
Cisco fixed this XSS Vulnerability very soon But don't offer any reward for the researcher.
Here is POC:
http://newsroom.cisco.com/press-release-content?articleld=1118649%22%3E%3Cimg%20src=x%20onerror=prompt%28XSS/By/AliHasanGhauri%29%3E
In the survey of this little boy Blog , he wrote about 150+ website Vulnerability which is fixed now and this 14 Year little boy made a record (Previous record is 16 Years ) for listed on the following websites :
Gitlab
http://blog.gitlab.com/vulnerability-acknowledgements/
BarracudaLabs
http://www.barracudalabs.com/bugbounty/halloffame.html
Ebay
http://pages.ebay.com/securitycenter/ResearchersAcknowledgement.html
wizehive
http://www.wizehive.com/special_thanks.html
Redhat
https://access.redhat.com/site/articles/66234
Opera
http://my.opera.com/securitygroup/blog/2013/04/05/thanks-to-the-researchers
ConstantContact
http://www.constantcontact.com/about-constant-contact/security/report-vulnerability.jsp
According to the Researcher , he will be acknowledge in Adobe , Microsoft and At&t in Hall Of Fame because he reported the bug in these websites and they said that next month he will be listed in Hall Of Fame
Here are some Screen Shots :
Ebay fixed the Vulnerability on both sites and credit his name in Ebay responsible Disclosure Page. This is not finished , he also found XSS Vulnerability on Myspace.com. Myspace don't reply to the Researcher. According to the Researcher , Myspace Vulnerability still exists and he reported about 15 times to the Myspace Security Team but there is no reply to the researcher .
POC is not provided by researcher because the Vulnerability still exists .
Here is Screen Shot :
This young security researcher also found an XSS vulnerability on Cisco website & reported to the Cisco Security Team.
Cisco Replied to Researcher :
Cisco fixed this XSS Vulnerability very soon But don't offer any reward for the researcher.
Here is POC:
http://newsroom.cisco.com/press-release-content?articleld=1118649%22%3E%3Cimg%20src=x%20onerror=prompt%28XSS/By/AliHasanGhauri%29%3E
In the survey of this little boy Blog , he wrote about 150+ website Vulnerability which is fixed now and this 14 Year little boy made a record (Previous record is 16 Years ) for listed on the following websites :
Gitlab
http://blog.gitlab.com/vulnerability-acknowledgements/
BarracudaLabs
http://www.barracudalabs.com/bugbounty/halloffame.html
Ebay
http://pages.ebay.com/securitycenter/ResearchersAcknowledgement.html
wizehive
http://www.wizehive.com/special_thanks.html
Redhat
https://access.redhat.com/site/articles/66234
Opera
http://my.opera.com/securitygroup/blog/2013/04/05/thanks-to-the-researchers
ConstantContact
http://www.constantcontact.com/about-constant-contact/security/report-vulnerability.jsp
According to the Researcher , he will be acknowledge in Adobe , Microsoft and At&t in Hall Of Fame because he reported the bug in these websites and they said that next month he will be listed in Hall Of Fame
Categories : Ali Hasan Ghauri , Pakistani Hackers , Security Researchers , Youngest Security Researcher
Follow @TheHackersPost
About Author:
Nauman Ashraf is a security researcher, developer and blogger. He is Founder and Chief Editor of The Hackers Post. Follow him on
Twitter
Subscribe to:
Post Comments
(
Atom
)
0 Responses to “ New Record of Pakistani 14 Years Student Researcher in the field Of Web Application Security ”
Post a Comment