The Hacker News Logo
Subscribe to Newsletter

European Space Agency SQL vulnerability exploited

The European Space Agency (ESA) is an intergovernmental organisation dedicated to the exploration of space. Hacker going by name "SlixMe" find and exploit SQL Injection vulnerability on a sub domain of website.

Hacker upload dump on his website, where he disclose the SQLi vulnerable link and Database tables also. Hacker also mention that other 5 domains are also hosted on same server, that can be exploited if he will be successful to exploit one site completely.

Exploited Domain : http://television.esa.int/


Method mentioned as "PostgreSQL AND error-based - WHERE or HAVING clause". In further discluse the PayLoad of injection also published.

Site is vulnerable at time of publishing this article.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.