RSS

Aegis traced Blind SQL Vulnarability in Aspiring Minds (http://www.aspiringminds.in)

29 Jun

About Aspiringminds :Aspiringminds conduct a nation-wide Computer Adaptive Test to provide a statistically-valid multi-dimensional skill assessment to judge the employment suitability of a large pool of candidates. The multi-dimensional score coupled with innovative filters and graphical visualization lets you find the most appropriate set of candidates for your job profile instantly.

AMCAT Test Conducted at more than 650 companies
Over 20 States
More than 1.65 lakh people written this test

This big organization website got vulnerable with SQL BLIND INJECTION

Vulnerability description

This script is possibly vulnerable to SQL Injection attacks.

SQL injection is a vulnerability that allows an attacker to alter backend SQL statements by manipulating the user input. An SQL injection occurs when web applications accept user input that is directly placed into a SQL statement and doesn’t properly filter out dangerous characters.

This is one of the most common application layer attacks currently being used on the Internet. Despite the fact that it is relatively easy to protect against, there is a large number of web applications vulnerable.

This vulnerability affects /xxxx.php.

Discovered by: Scripting (Blind_Sql_Injection.script).

Advertisements
 
Leave a comment

Posted by on June 29, 2011 in Vulnerable Websites

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: