Full Disclosure mailing list archives
SQL Injection on http://www.salk.edu/events/index.php?id=150
From: Madhur Ahuja <ahuja.madhur () gmail com>
Date: Tue, 26 Jul 2011 12:04:57 +0530
Retreived data using Sqlmap: Public Database: salkpublicweb2 Tables: [5 tables] +----------+ | category | | faculty | | page | | users | | video | +----------+ The users table contains around 80 username and password entries which can be easily retrieved. Madhur _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- SQL Injection on http://www.salk.edu/events/index.php?id=150 Madhur Ahuja (Jul 25)