How Got Hacked

MySQL Injection In

Hello friends today i a going to share my find in which is MySQL Injection and i thing that this was the vulnerability which was used by the attacker to hack into the server and dump the data . So lets get started.

Introduction :-

SQL injection refers to the act of someone inserting a MySQL statement to be run on your database without your knowledge. Injection usually occurs when you ask a user for input, like their name, and instead of a name they give you a MySQL statement that you will unknowingly run on your database.

And you can get more details on this over OWASP .

History :-

This vulnerability was first reported to them on 11/2/15 and there was no response to the email and was unattended until they got hacked here is the image of the email that i sent.


My Report

And after that i got there reply like this.


and that was it after the report there was no reply after that even though i contacted them many time for any update and the issue was not solved.

And  when they were hacked then i got this reply from them which was quite a surprise for me to see this email.

After Hack

Now the vulnerability was fixed after this email and i an glad they did take it seriously so enjoy the POC and do share it with your friends.

Here is the Video POC of the vulnerability.


Please enter your comment!
Please enter your name here