The Yahoo Contributors Network allows writers, photographers, and videographers to share their knowledge and passion (…) and earn money by pushing your unique perspectives…” From the looks of the database and description, the database may have carried sensitive and private personal information for those participating and getting paid from their work. While looking around the website, I came across a two vulnerabilities in the following URL/files: http://contributor.yahoo.com/forum/search/? and http://contributor.yahoo.com//library/payments/data-table/?
more here...........http://nahamsec.com/2014/10/a-tale-of-2-yahoo-bug-bounty-reports/
more here...........http://nahamsec.com/2014/10/a-tale-of-2-yahoo-bug-bounty-reports/