A penetration tester has allegedly hacked Yahoo!, Claiming to have acquired access to the sites backup’s and database files.
The hacker using the handle Virus_Hima published screenshots showing off backups for Yahoo’s finance subdomain.
Virus_Hima claimed to have got at the databases via a reflected cross site scripting vulnerability which is reported that it has not been fixed by Yahoo!. He also said he discovered a SQL Injection hole.
Virus_Hima disclosed the flaws allegingthat Yahoo! had ignored disclosure emails.
Virus_Hima has also claimed that he has “found tens of zero day vulnerabilities in big web sites such as Adobe, Microsoft, Yahoo!, Google, Apple, Facebook,” the hacker posted on Pastebin.