Heartbleed vulnerability that puts almost three-fourths (3/4) of the world's websites on a vulnerable side. After this Researchers from Detectify found a critical vulnerability in the Google products that leads to reading the 'etc/passwd' and 'etc/host' files of the Google Server
Now once again another biggest photo-sharing site Flickr (owned by Yahoo. Inc) has suffered from severe vulnerability. Security researcher Ibrahim Raafat from Egypt has found the SQL injection vulnerability on the Flickr site.
Raafat claims that he has found two parameters ( page_id and items ) vulnerable to Blind SQL injection and one (Order_id) vulnerable to direct SQL injection. This vulnerability allows the attacker to read the Flickr database. Furthermore successful SQL exploitation can allow attackers to gain database and MYSQL login credentials, by injecting the SQL query.