Chirag Singh found SQL-i vulnerability on Hazara University of Pakistan
Vulnerable Website:-
Vulnerable Link:-
Showing posts sorted by relevance for query Chirag Singh. Sort by date Show all posts
Showing posts sorted by relevance for query Chirag Singh. Sort by date Show all posts
Chirag Singh found SQL-i vulnerability on Hazara University of Pakistan
SQl-i Vulnerability Found By Chirag Singh on 7 Websites (Govt Of Pakistan, Nepal & Bhutan)
SQl-i Vulnerability found by Chirag Singh on 7 websites including Pakistan University, Pakistan Govt. Nepal Govt. Nepal TV, Bhutan Govt. and so on.
Bahauddin Zakariya University, Multan, Pakistan
Vulnerable Website:-
http://www.bzu.edu.pk/
Vulnerable link:-
http://www.bzu.edu.pk/departmentindex.php?id=48
Gender Justice through Musalihat Anjuman Project(GJTMAP)
Vulnerable Website:-
http://gjtmap.gov.pk/
Vulnerable link:-
http://gjtmap.gov.pk/ngos/sb_bro_ngo.php?id=14
Mercantile Communication Pvt. Ltd.
Vulnerable Website:-
http://www.mos.com.np/
Vulnerable link:-
http://www.mos.com.np/description.php?id=115
Nepali Videos-Live TV
Vulnerable Website:-
http://www.npvideo.com/
Vulnerable Link:-
http://www.npvideo.com/channel.php?id=1
National Statistic Bureau of Bhutan
Vulnerable Website:-
http://www.nsb.gov.bt/
Vulnerable link:-
http://www.nsb.gov.bt/index.php?id=11
Small & Medium Enterprises Development Authority of Pakistan
Vulnerable Website:-
http://www.smeda.org.pk/
Vulnerable link:-
http://www.smeda.org.pk/main.php?id=34
Travelling Birder-Travel agency of Nepal
Vulnerable Website:-
http://www.travellingbirder.com/
Vulnerable link:-
http://www.travellingbirder.com/tripreports/view_birding_tripreport.php?id=220
Threat:-
1700+ user data have been dumped and have been uploaded to pastebin here is the link
link of pastebin- http://pastebin.com/yKhASf28
Jadavpur University Official Website is Vulnerable to Sql Injection
Jadavpur University Official Website is Vulnerable to Sql Injection
An ethical hacker from India named Chirag Singh have figured out serious loopholes in the official website of Jadavpur University -one of the most renowned and prestigious university of India. Chirag find blind Sql injection vulnerability which can be exploited by malicious purpose in order to harm the website and gain access. From the vulnerability report submitted by the hacker, it has been found that the web-server of Jadavpur University is using Red Hat Enterprise Linux 5 (Tikanga) where the web application technologies are Apache 2.2.3 and PHP 5.1.6; along with the back-end database is PostgreSQL. The hackers also managed to dump 11 database with more than 215 tables as shown in the picture below
This issue has already been reported to the concern person and the webmaster of Jadavpur University, and due to security and privacy we are not exposing and mention the vulnerable link and dumped database.
