|
Full Disclosure
mailing list archives
SQL Injection on http://www.salk.edu/events/index.php?id=150
From: Madhur Ahuja <ahuja.madhur () gmail com>
Date: Tue, 26 Jul 2011 12:04:57 +0530
Retreived data using Sqlmap:
Public Database: salkpublicweb2
Tables:
[5 tables]
+----------+
| category |
| faculty |
| page |
| users |
| video |
+----------+
The users table contains around 80 username and password entries which
can be easily retrieved.
Madhur
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- SQL Injection on http://www.salk.edu/events/index.php?id=150 Madhur Ahuja (Jul 26)
| 
