







Today a security researcher bypassed the security of a number of tech firms with a single vulnerability. A researcher named Ebrahim discovered a Remote Code Execution vulnerability on one of Yahoo's domains that allowed him to hack Yahoo along with Microsoft and Orange.

Ebrahim was hunting for security loopholes in Yahoo domains, and one of the sub-domains allowed him to upload .aspx files, which led to hacking Microsoft and Orange too.

In his blog post he explained the process: he had found an admin panel on one of the Yahoo sub-domains that did not even ask for login credentials and thus allowed unauthorized admin access.

This admin panel allowed him to upload an .aspx file to the server by sending a POST request to the URL "http://mx.horoscopo.yahoo.net/ymx/editor/inc/GenerateFile.aspx" with the following post content: "".

As a test, Ebrahim uploaded a file called 'zigoo.aspx' with 'zigoo' as its content. After checking, he found the following sites on the same server:

#Yahoo:

http://pe.horoscopo.yahoo.net , http://mx.horoscopo.yahoo.net , http://ar.horoscopo.yahoo.net

http://co.horoscopo.yahoo.net , http://cl.horoscopo.yahoo.net , http://espanol.horoscopo.yahoo.net

#Microsoft MSN:

http://astrocentro.latino.msn.com/ , http://astrologia.latino.msn.com/ , http://horoscopo.es.msn.com/

http://horoscopos.prodigy.msn.com

#Orange:

http://astrocentro.mujer.orange.es

The interesting thing about this vulnerability is that the page created on the Yahoo domain was reflected on the other domains as well. Ebrahim explained the reason for this as follows:

"It’s a CDN (Content Delivery Network) service for astrology that caches the same content to render it for the sub domains of the mentioned vulnerable domains, so all files on one domain will be shown on all other domains on the server."

For the POC, the researcher has made a of the vulnerability.

The researcher reported the vulnerability to the Yahoo security team. Although he had discovered the vulnerability on a domain of Yahoo that is not under Yahoo's bug bounty program, the Yahoo team appreciated his work and rewarded him with some bounty. Microsoft did not give any reward for his report.

This is not the first time that Ebrahim has discovered an RCE vulnerability on Yahoo. Earlier this year he reported an RCE vulnerability to Yahoo.
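To show how the pattern described above looks from the defender's side, here is an added example (not from the original post or the researcher's write-up) that scans web server logs for a server-side script first seen shortly after an anonymous POST to a file-writing endpoint, and lists every hostname that then served it. The endpoint path and test file name are taken from the article; the log layout, hostnames, timestamps and the 10-minute window are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in a W3C-style layout (assumed field order):
# date time cs-host cs-method cs-uri-stem cs-username sc-status
SAMPLE_LOG = """\
2014-01-01 10:00:01 site-a.example GET /index.aspx - 200
2014-01-01 10:00:05 site-b.example GET /index.aspx - 200
2014-01-01 10:02:10 site-a.example POST /ymx/editor/inc/GenerateFile.aspx - 200
2014-01-01 10:02:40 site-a.example GET /zigoo.aspx - 200
2014-01-01 10:03:02 site-b.example GET /zigoo.aspx - 200
2014-01-01 10:03:30 site-c.example GET /zigoo.aspx - 200
2014-01-01 10:05:00 site-a.example POST /ymx/editor/inc/GenerateFile.aspx editor1 200
2014-01-01 10:06:00 site-a.example GET /about.aspx - 404
"""

WRITER_ENDPOINTS = {"/ymx/editor/inc/generatefile.aspx"}  # endpoints that create files
EXECUTABLE_EXT = (".aspx", ".ashx", ".asmx")              # server-side script types
WINDOW = timedelta(minutes=10)                            # assumed correlation window

def parse(log_text):
    for line in log_text.splitlines():
        if not line or line.startswith("#"):
            continue
        d, t, host, method, stem, user, status = line.split()
        yield (datetime.strptime(f"{d} {t}", "%Y-%m-%d %H:%M:%S"),
               host, method, stem.lower(), user, int(status))

def find_new_scripts(log_text):
    """Return {script_path: sorted hosts serving it} for server-side scripts
    first seen within WINDOW after an anonymous POST to a writer endpoint."""
    seen, last_anon_write = set(), None
    flagged = defaultdict(set)
    for ts, host, method, stem, user, status in parse(log_text):
        if method == "POST" and stem in WRITER_ENDPOINTS:
            if user == "-" and status < 400:   # "-" means no authenticated user
                last_anon_write = ts
            seen.add(stem)
            continue
        if not stem.endswith(EXECUTABLE_EXT) or status != 200:
            continue
        if stem in flagged:                    # keep tracking which hosts serve it
            flagged[stem].add(host)
        elif stem not in seen and last_anon_write and ts - last_anon_write <= WINDOW:
            flagged[stem].add(host)
        seen.add(stem)
    return {p: sorted(h) for p, h in flagged.items()}
```

More than one hostname in a flagged entry indicates that the sites share a content root, which is the condition the researcher's quote describes.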