Let me tell you one more website which is highly vulnerable and easy to deface. Its a social website running on a free CMS called joomla. This site is prone to SQL injection and XSS attacks. Test a harmless XSS attack by replacing the cookie variable with 1>"><script%20%0a%0d>alert('XSS Vulnerable')%3B</script>. The website url is http://dhifuraavaru.com/. Note: some modern browsers detect XSS attacks and remove the suspicious scripts from the rendered page.
Saturday, September 26, 2009
DNR Website Vulnerable!
One of many government websites that are vulnerable to hacking is http://www.dnr.gov.mv/ which is the official website for Department of National Registration. I found out that this site can be defaced. No! I have no intentions in defacing the website. My sole intention is to make sure our government websites are secure. You don't believe me? Ok, I will reveal a less harmful vulnerability.To see for yourself checkout this link. Its an XSS vulnerability. Someone can use this website to fool users and do malicious activity! I urge the responsible authorities to fix the vulnerabilities as soon as possible.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Your opinions are welcome here.