- Hacker Uses XSS and Google Street View Data to Determine Physical Location
- CAnCAn te iubim, CA CA tine nu gasim. Superfete.cancan.ro e de rahat
- Deface (?!?) pe Cotidianul.ro
- Virusi in clipuri video [how to]
- Cyber-Bullying – palma parinteasca a noului mileniu
- Christopher “moot” Poole: The case for anonymity online
- Wtf Avira?
- Some old story about tagged.com
- Pwning cam girls for fun
- Tabloshit
- Yahoo! again - XSS in Uncategorized (357 Visits)
- Yahoo! again - bad settings? in Uncategorized (252 Visits)
- Fanii nostri in Uncategorized (183 Visits)
- Frustrant in Uncategorized (146 Visits)
- La multi ani România, la multi ani românilor in Uncategorized (137 Visits)
- Weblog.ro - Shell via Local File Inclusion in Uncategorized (119 Visits)
- Yahoo! epic fail - permanent xss unleashed in Uncategorized (50 Visits)
- ... in Uncategorized (38 Visits)
- XSS Ownage - hi5 vs. Yahoo! + video in Uncategorized (2 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam/Hi5 (4) in Uncategorized (2 Visits)
- Hackersblog.org is now blog.rstcenter.com in (1800 Visits)
- O mica dar importanta precizare in (1402 Visits)
- Twitter in (846 Visits)
- This is the end in (834 Visits)
- Ce servicii de mail folositi? in (826 Visits)
- Un nou membru in (771 Visits)
- La multi ani România, la multi ani românilor in (762 Visits)
- Inca o pierdere de timp in (709 Visits)
- De reţinut in (669 Visits)
- Azi este ziua userilor hackersblog.org in (644 Visits)
- Hi5.com coders read this in (619 Visits)
- SMS scam (1) in (610 Visits)
- Dezinformare sau proasta informare? in (597 Visits)
- Phishing Raiffeisen cu atasament html in (557 Visits)
- Phishing Bancpost in (524 Visits)
- Si tentativele de phishing pot fi amuzante in (456 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam/mail (2) in (2865 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam/Hi5 (4) in (2832 Visits)
- Despre CSRF, hi5.com, cum sa trisezi la concursuri s.a.m.d. in (1206 Visits)
- [Utilitare] Suna gratis de pe internet sau de pe iPhone in (1187 Visits)
- Ce nu se invata la scoala - (D)DOS (5) in (1006 Visits)
- Virusi in clipuri video [how to] in (967 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam (1) in (763 Visits)
- Yahoo! redirects - a big issue (with video) in (609 Visits)
- Internet vs. privacy (1) in (503 Visits)
- Ca musca in... in (461 Visits)
- RedTube.com ... The Free Sex Video Community in (13509 Visits)
- usa.kaspersky.com hacked ... full database acces , sql injection in (5410 Visits)
- libertatea.ro vulnerabil la (blind) sql injection in (3079 Visits)
- Telegraph.co.uk hacked, sql injection in (2699 Visits)
- Pwning cam girls for fun in (2693 Visits)
- Facebook hacked - sql injection in (2577 Visits)
- Simpatie.ro, matrimoniale3x.ro, apetisant.ro, deliciu.ro , etc Sql injection in (2550 Visits)
- F-Secure.com - SQL Injection + Cross Site Scripting in (1857 Visits)
- [Hacked]Bitdefender (Portugal) exposes sensitive customer data in (1850 Visits)
- Wtf Avira? in (1801 Visits)
- Christopher "moot" Poole: The case for anonymity online in (1578 Visits)
- Digital Photocopiers Loaded With Secrets in (1491 Visits)
- Hacker Uses XSS and Google Street View Data to Determine Physical Location in (891 Visits)
- Wannabe Hackers [1] - Cum sa hack-uiesti RapidShare-ul in (648 Visits)
- Wannabe Hackers [2] - cum sa faci un virus by sppy_hacker in (631 Visits)
- Hope 2603 – Kevin Mitnick - Life a Computer Hacker – Revealed in (487 Visits)
- PRIVACY IS DEAD - GET OVER IT, Pt 01-34 (Recommended by Hackersblog ) in (418 Visits)
- Oldies but goodies - Freedom Downtime - The Story of Kevin Mitnick in (415 Visits)
- [Video] The History Of Hacking in (395 Visits)
- Email Security - Why You Should Encrypt Your Email - Part One in (388 Visits)
- Deface - tuttoaffari.lastampa.it si citymusiclab.city.corriere.it in (3545 Visits)
- RNS vs. RAI - citizenreport.rai.it hacked. in (3359 Visits)
- Hi5 email finder si sfarsitul a tot ceea ce inseamna privacy in social networking in (3279 Visits)
- Se poate sparge parola de Yahoo? in (2733 Visits)
- Planete-plus-intelligente.lemonde.fr defaced by R.N.S. in (2559 Visits)
- Free SMS time, TrimiteSMS.ro in (2532 Visits)
- Gmail uber hacking in (2471 Visits)
- Cancan.ro spart pentru a doua oara intr-o zi in (2344 Visits)
- Camera de supraveghere a universitatii Alexandru Ioan Cuza din Iasi in (2321 Visits)
- Stiri cu antena3 in (2241 Visits)
Posted on December 4th, 2008
Se pare ca nu doar sentimente.ro are probleme de securitate, ci si un alt site de dating cu trafic frumusel.
Parametrul viewprofile.php?id= fiind vulnerabil la blind sql injection, se pot extrage cu usurintza tabele bazei de date.
Database: dating
114 tabele
+—————————–+
| pro_account_alerts
| pro_active_sessions
| pro_addition_info_content
| pro_advices
| pro_advices_categories
| pro_badwords
| pro_banners_area
| pro_banners_belongs_to_area
| pro_banners_sizes
| pro_banners_table
| pro_billing_country
| pro_billing_entry
| pro_billing_paysystems
| pro_billing_send_requests
| pro_billing_unit
| pro_billing_user_account
| pro_billing_user_period
| pro_blacklist
| pro_blog_main
| pro_blog_settings
| pro_city_spr
| pro_country_spr
| pro_descr_spr
| pro_descr_spr_match
| pro_descr_spr_user
| pro_descr_spr_values
| pro_distance_spr
| pro_fc_bans
| pro_fc_bot
| pro_fc_bots
| pro_fc_connections
| pro_fc_conversationlog
| pro_fc_dstore
| pro_fc_gmcache
| pro_fc_gossip
| pro_fc_ignors
| pro_fc_messages
| pro_fc_moderators
| pro_fc_patterns
| pro_fc_rooms
| pro_fc_templates
| pro_fc_thatindex
| pro_fc_thatstack
| pro_gallary
| pro_gallary_rating
| pro_group_module
| pro_group_period
| pro_groups
| pro_height_spr
| pro_horoscope_signs
| pro_hotlist
| pro_im_ignore
| pro_im_list
| pro_im_message
| pro_interests_spr
| pro_interests_spr_match
| pro_interests_spr_user
| pro_kisslist
| pro_language
| pro_language_spr
| pro_mailbox
| pro_module_file
| pro_module_statistic
| pro_modules
| pro_nationality_spr
| pro_news
| pro_news_feeds
| pro_nl_attach
| pro_nl_click_counter
| pro_nl_clients_lists
| pro_nl_clients_releases
| pro_nl_creleases
| pro_nl_creleases_lists
| pro_nl_form
| pro_nl_forms_lists
| pro_nl_list
| pro_nl_release_attach
| pro_nl_settings
| pro_nl_smtp_server
| pro_nl_snd_users
| pro_nl_templates
| pro_online_notice
| pro_personality_spr
| pro_personality_spr_match
| pro_personality_spr_user
| pro_personality_spr_values
| pro_portrait_spr
| pro_portrait_spr_match
| pro_portrait_spr_user
| pro_portrait_spr_values
| pro_profile_visit
| pro_reference_lang_spr
| pro_region_spr
| pro_relationship_spr
| pro_savesearch
| pro_savesearch_descr
| pro_settings
| pro_subscribe_system
| pro_subscribe_user
| pro_success_stories
| pro_take_tour
| pro_templates
| pro_themes
| pro_user
| pro_user_comment
| pro_user_group
| pro_user_match
| pro_user_profile
| pro_user_rating
| pro_user_topten
| pro_user_types_spr
| pro_user_upload
| pro_video_codes
| pro_weight_spr
+—————————–+
La fel de usor se pot extrage si datele de logare a userilor, cat si a adminilor.
Leave a Reply