Today's cybersecurity headlines are brought to you by ThreatPerspective

Blog | Sam Curry

Exploiting Directory Traversal to View Customer Credit Card Information on Yahoo's Small Business Platform

The Yahoo small business platform was storing user information in a set of directories that were protected simply by obscurity. The attacker, with knowledge of the victims email, could run an wordlist against a very predictable/guessable service ID and receive information from the response in order to view the victims payment information.

Published: 2017-11-10T00:00:00

© Ethical Hacking News . All rights reserved.

Privacy | Terms of Use | Contact Us