I offers security consulting services within the space of Penetration Testing , Ethical Hacking , Vulnerability Assessments and Security Code and Configuration Reviews ~

New Record of 14 Years Web Security Researcher Ali Hasan Ghauri in the field Of Web Application Security

14 Years Old ,Security Researcher Ali Hasan Ghauri  found Cross Site Scripting Vulnerability on many high profile websites. Recently Ali Hasan found and reported XSS vulnerability in one of the biggest websiteebay and its own website shopping.com

New Record of 14 Years Web Security Researcher Ali Hasan Ghauri in the field Of Web Application Security

New Record of 14 Years Web Security Researcher Ali Hasan Ghauri in the field Of Web Application Security  


Ebay fixed the Vulnerability on both sites and credit his name in Ebay responsible Disclosure Page. This is not finished , he also found XSS Vulnerability on Myspace.com. Myspace don't reply to the Researcher. According to the Researcher , Myspace Vulnerability still exists and he reported about 15 times to the Myspace Security Team but there is no reply to the researcher .

POC is not provided by researcher because the Vulnerability still exists .

This young security researcher also found an XSS vulnerability on Cisco website & reported to the Cisco Security Team.


In the survey of this little boy Blog , he wrote about 150+ website Vulnerability which is fixed now and this 14 Year little boy made a record (Previous record is 16 Years ) for listed on the following websites :

Gitlab
http://blog.gitlab.com/vulnerability-acknowledgements/

BarracudaLabs
http://www.barracudalabs.com/bugbounty/halloffame.html

Ebay
http://pages.ebay.com/securitycenter/ResearchersAcknowledgement.html

wizehive
http://www.wizehive.com/special_thanks.html

Redhat
https://access.redhat.com/site/articles/66234

Opera
http://my.opera.com/securitygroup/blog/2013/04/05/thanks-to-the-researchers

ConstantContact
http://www.constantcontact.com/about-constant-contact/security/report-vulnerability.jsp

CoinBase
https://coinbase.com/whitehat

According to the Researcher , he will be acknowledge in Adobe , Microsoft and At&t in Hall Of Fame because he reported the bug in these websites and they said that next month he will be listed in Hall Of Fame .

XSS Vulnerability on Myspace.com.
This small boy is not small here is a full list with dates that when he founded XSS Vulnerability in Various Websites which are as follows:
  • Ebay XSS Vulnerability Found on Mar/7/2013
  • OLX XSS Vulnerability Found on Mar/7/2013
  • BrainTree Payments DOM Based XSS Vulnerability Found on Jan/5/2013
  • Amazon XSS Vulnerability Found on Feb/21/2013
  • GitLab Critical Bug Found on Feb/6/2013
  • Adobe XSS Vulnerability Found on Feb/23/2013
  • ChinaBuye XSS Vulnerability Found on Dec/15/2012
  • Albaraka DOM Based XSS Vulnerability Found on Jan/10/2013
  • BarracudaLabs Critical Bug Found on Feb/16/2013
  • Cnet XSS Vulnerabilities Found on Feb/27/2013
  • File Hippo XSS Vulnerabilities Found on Feb/20/2013
  • DailyMotion XSS Vulnerability Found on Feb/9/2013
  • Bidvertiser XSS Vulnerability Found on Feb/9/2013
  • W3schools XSS Vulnerability Found on Jan/29/2013
  • Microsoft Critical Bug was Discovered on Feb/12/2013
  • Apple Same Bug just like Microsoft Critical Bug was Discovered on Feb/24/2013
  • Naaptol XSS Vulnerability Found on Dec/13/2012
  • Myspace XSS Vulnerability Found on Dec/27/2012
  • US.Acer XSS Vulnerability Found on Jan/7/2013
  • Hamariweb XSS Vulnerability Found on Jan/8/2013
  • Elance XSS Vulnerability Found on Jan/14/2013 
  • CoinBase XSS Vulnerability Found on April/29/2013
  • Redhat XSS Vulnerability Found on March/16/2013