SQL injection vulnerability on a DoD website
Medium
U
U.S. Dept Of Defense
Submitted None
Team Summary
Official summary from U.S. Dept Of Defense
A Department of Defense website was vulnerable to a SQL injection attack which may allow an attacker to execute arbitrary SQL commands and expose sensitive data. @0xd0m7 was able to demonstrate this vulnerability by crafting a specially formatted URL.
Actions:
Reported by
0xd0m7
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
SQL Injection