Critical Vulnerability: Buy Any Product on eBay in just 0.01 USD

Ever thought to buy an iPhone or a Play Station for free? well you could but its too late now, as an Indian security researcher going with the handle of Ishwar Prasad Bhat had found a critical vulnerability on the world’s largest online shopping website eBay that allowed users to buy any product in just 1 Indian Rupee equivalent to 0.01 USD.

Live Screenshot of vulnerability in eBay:

critical-vulnerability-buy-any-product-on-ebay-in-just-0-01-usd-1

The vulnerability was found on Indian designated domain for eBay (www.ebay.in), which was fixed yesterday after Ishwar reported it to eBay authorities on 6th August, 2013.critical-vulnerability-buy-any-product-on-ebay-in-just-0-01-usd-4

In an email conversation, the security researcher told me about the vulnerability that with the help of this bug he was able to buy the most expensive product on eBay in just 1 Indian Rupee.

However, Ishwar will not get paid for saving eBay from million dollar loose as the company does not any bug bounty program like Facebook and Microsoft. As a reward, eBay has mentioned his name on their official website in the list of security researchers who helped the company in fixing critical vulnerabilities.

Below is the link where eBay has acknowledged services of 122 security researchers including Ishwar Prasad Bhat.

Ishwar is an 18 year old first year student of Veltechmulti Tech Engineering collage at Avadi, city of Chennai,India.

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.