I checked the IBB's portfolio and the sites it develops uses the same script and it is vulnerable to SQL injection. Check my previous post for more on knowing this:
http://nepsecvulns.blogspot.com/2009/12/party-popper-wwwpartypoppercomnp-sqli.html
The same mysql injection is valid but filtering takes so you need to bypass filters (not hard). I would recommend you to google for mysql injection cheatsheets and learn and practice hacking in these sites.
Nepali Hackers Are Not Dead, They Are Underground and Might Be At Your Root
Showing posts with label ibb developers. Show all posts
Showing posts with label ibb developers. Show all posts
Thursday, 10 December 2009
Subscribe to:
Posts (Atom)