Welcome to BeerMoneyForum.com - BIGGEST MAKE MONEY FORUM ONLINE

Join us now to get access to all our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, and so, so much more. It's also quick and totally free, so what are you waiting for?
Blue
Red
Green
Orange
Voilet
Slate
Dark
  Guest viewing is limited

❕NEWS Funny bug found on Shopify

Reznov

Emerald Member
LV
0
 
Joined
May 17, 2019
Messages
3,981
Reaction score
460
Points
170
Awards
3
Age
23
Location
Morocco
BMF Points
$433
Rating - 87.5%
7   1   0
Fateh Sevemle, a turkish hacker that was trying for 4 years to find if there's any bug in shopify, he he injected his payload of XSS bug in the name of a seller that he was trying the bugs in his store .
And recently after 4 years, an alert appeared in the internal admin panel of people that are working in shopify (admins and not sellers), they contacted him in the email he used in that payload to send him reports in his hackerone account, he got 5000$ for finding this bug.
The bug was blind, which means the hacker couldn't see anything about it (randomly found), and the bug was finally called "Time-Traveling XSS" because it combined between Stored+Blind+triggers after years.
 
Fateh Sevemle, a turkish hacker that was trying for 4 years to find if there's any bug in shopify, he he injected his payload of XSS bug in the name of a seller that he was trying the bugs in his store .
And recently after 4 years, an alert appeared in the internal admin panel of people that are working in shopify (admins and not sellers), they contacted him in the email he used in that payload to send him reports in his hackerone account, he got 5000$ for finding this bug.
The bug was blind, which means the hacker couldn't see anything about it (randomly found), and the bug was finally called "Time-Traveling XSS" because it combined between Stored+Blind+triggers after years.
He finally found what he was looking for after a number of years and I hope he derived loads of satisfaction from that. He just has to.?
 
He finally found what he was looking for after a number of years and I hope he derived loads of satisfaction from that. He just has to.?
actually he didn't find any bug, the bug was that he could install a payload in shopify and nobody managed to find it till 4 years passed, which is the funniest part xD
 
Ah, ethical hackers. I love working as one in the future. I know one other guy who found a weakness in PS4 system and he got paid 10,000 USD by Sony for finding that bug.
 

📢 Recommended Partners

MGID - Native Performance & Programmatic Advertising Platform MGID Team
0.00 star(s) 0 ratings
Updated
Roobet.com | Crypto’s Fastest Growing Casino 🦘 Roobet.com
0.00 star(s) 0 ratings
Updated
Duckdice.io - Top Crypto Gambling - Bitcoin Dice DuckDice.io
0.00 star(s) 0 ratings
Updated
BMFAds.com - Advertise and Monetize Your CPC, CPM, POP Traffic BMF Staff
4.00 star(s) 4 ratings
Updated

banner

REWARDS: Active Raffles


  • 🤑 Roll 3: Win 100,000 BMF Points!

    The entry period for this raffle ends in..
Back
Top Bottom

Earnings Disclaimer:  All the posts published herein are merely based on individual views, and they do not expressly or by implications represent those of BeerMoneyForum.com or its owner. It is hereby made clear that BeerMoneyForum.com does not endorse, support, adopt or vouch any views, programs and/or business opportunities posted herein. BeerMoneyForum.com also does not give and/or offer any investment advice to any members and/or it's readers. All members and readers are advised to independently consult their own consultants, lawyers and/or families before making any investment and/or business decisions. This forum is merely a place for general discussions. It is hereby agreed by all members and/or readers that BeerMoneyForum.com is in no way responsible and/or liable for any damages and/or losses suffered by anyone of you.