Ebay fixed the vulnerability on both sites and credited him on the Ebay Responsible Disclosure page.
That is not all: he also found an XSS vulnerability on Myspace.com.
Myspace has not replied to the researcher. According to the researcher,
the Myspace vulnerability still exists; he has reported it about 15 times to the
Myspace Security Team, but has received no reply.
A PoC is not provided by the researcher because the vulnerability still exists.
According to the researcher, he will be acknowledged in the Adobe, Microsoft and AT&T Halls of Fame because he reported
bugs on these websites, and they said that he will be
listed in the Hall of Fame next month.
New Record by 14-Year-Old Web Security Researcher Ali Hasan Ghauri in the Field of Web Application Security
14-year-old security researcher Ali Hasan Ghauri found cross-site scripting (XSS) vulnerabilities on many high-profile websites. Recently, Ali Hasan found and reported an XSS vulnerability in one of the biggest websites, Ebay, and its own website shopping.com.
This young security researcher also found an XSS vulnerability on the Cisco website and reported it to the Cisco Security Team.
According to a survey of this boy's blog, he wrote about 150+ website vulnerabilities, which are now fixed, and this
14-year-old boy set a record (the previous record is 16 years) for
being listed on the following websites:
- Gitlab: http://blog.gitlab.com/vulnerability-acknowledgements/
- BarracudaLabs: http://www.barracudalabs.com/bugbounty/halloffame.html
- Ebay: http://pages.ebay.com/securitycenter/ResearchersAcknowledgement.html
- wizehive: http://www.wizehive.com/special_thanks.html
- Redhat: https://access.redhat.com/site/articles/66234
- Opera: http://my.opera.com/securitygroup/blog/2013/04/05/thanks-to-the-researchers
- ConstantContact: http://www.constantcontact.com/about-constant-contact/security/report-vulnerability.jsp
- CoinBase: https://coinbase.com/whitehat
This boy is not so small: here is a full list, with the dates on which he
found XSS vulnerabilities in various websites:
- Ebay XSS Vulnerability Found on Mar/7/2013
- OLX XSS Vulnerability Found on Mar/7/2013
- BrainTree Payments DOM Based XSS Vulnerability Found on Jan/5/2013
- Amazon XSS Vulnerability Found on Feb/21/2013
- GitLab Critical Bug Found on Feb/6/2013
- Adobe XSS Vulnerability Found on Feb/23/2013
- ChinaBuye XSS Vulnerability Found on Dec/15/2012
- Albaraka DOM Based XSS Vulnerability Found on Jan/10/2013
- BarracudaLabs Critical Bug Found on Feb/16/2013
- Cnet XSS Vulnerabilities Found on Feb/27/2013
- File Hippo XSS Vulnerabilities Found on Feb/20/2013
- DailyMotion XSS Vulnerability Found on Feb/9/2013
- Bidvertiser XSS Vulnerability Found on Feb/9/2013
- W3schools XSS Vulnerability Found on Jan/29/2013
- Microsoft Critical Bug was Discovered on Feb/12/2013
- Apple Bug, the Same as the Microsoft Critical Bug, Discovered on Feb/24/2013
- Naaptol XSS Vulnerability Found on Dec/13/2012
- Myspace XSS Vulnerability Found on Dec/27/2012
- US.Acer XSS Vulnerability Found on Jan/7/2013
- Hamariweb XSS Vulnerability Found on Jan/8/2013
- Elance XSS Vulnerability Found on Jan/14/2013
- CoinBase XSS Vulnerability Found on Apr/29/2013
- Redhat XSS Vulnerability Found on Mar/16/2013