Tuesday 27 October 2009

Enasha SQLi vulnerability

Enasha.com SQLi vulnerability:

Site: www.enasha.com
Risk: Medium - High
Notified: YES
Action from Admin: N/A
Vulnerable file: Admins, check email
Exploit: The different pages do not validate the inputs from user which can be used to compromise the database.
Solution: sam207 has written an article on it.

Sample screenshot:

See the title of the site...

1 comment:

  1. Nice find bro... Keep it up... :) Just sorry that how vulnerable we are...

    ReplyDelete