As a Bug Bounty Hunter, I love to update myself about my favorite program from time to time. I still remember Mega has recently launched ‘Mega Business‘, business focusing services that cost around 10 EUR per user/month.
SQL Injection On MEGA.NZ
While checking Detectify Lab, I came across XSS Vulnerability on MEGA.CO.NZ which was found by Frans Rosen so I though of doing some test on MEGA but I ended with none. I didn’t give up ! after a while I thought of scanning & looking into sub domain of both mega.nz and mega.co.nz and found out eye catching sub-domain.