Blind SQLi in a DoD Website
Medium
U
U.S. Dept Of Defense
Submitted None
Team Summary
Official summary from U.S. Dept Of Defense
A Department of Defense webserver was vulnerable to a SQL injection attack that could have revealed sensitive financial information. @akaki was able to demonstrate this vulnerability by crafting a specially formatted URL. Thank you!
Actions:
Reported by
akaki
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
SQL Injection