Security researcher Ebrahim Hegazy identified a remote code injection vulnerability affecting several subdomains of Yahoo, Orange, Microsoft and possibly others. Fortunately, the security hole has been fixed. The expert discovered the flaw while analyzing a Yahoo Mexico subdomain, mx.horoscopo.yahoo.net. Here, he identified an administrator panel that could be accessed without login credentials. The researcher calls this an Unauthorized Admin Access or an Indirect Object …