Monday, 21 December 2009

Ketaketi.org(CLFN) SQL Injection vuln

The official website of CLFN (Ketaketi.org) suffers from sql injection attack in bsoftmore.php
A remote attacker can easily get over the site. (Not me actually, i didnt find the login page.) anyway i got the id and passes/ The id and passes are not shown for security here.
Some details:
Site:ketaketi.org
Vuln: SQL injection
Table name: user
Hope they fix it soon
Posted by at

4 comments:

Subscribe to: Post Comments (Atom)