Comments on: Sql Injection in BT.com – episode 1 http://blog.rstcenter.com/2009/03/10/sql-injection-in-bt-dot-com-episode-1/ Tue, 31 Aug 2010 21:45:17 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Yet another big company with SQL Injection problems (British Telecom) | N-Stalker Web Security Community http://blog.rstcenter.com/2009/03/10/sql-injection-in-bt-dot-com-episode-1/comment-page-1/#comment-1565 Yet another big company with SQL Injection problems (British Telecom) | N-Stalker Web Security Community Fri, 13 Mar 2009 23:59:33 +0000 http://blog.rstcenter.com/?p=1523#comment-1565 [...] In last couple of weeks big companies have been attacked and are having big issues with SQL Injection. At this time British Telecom (bt.com) was the target company (see more info at here). [...] [...] In last couple of weeks big companies have been attacked and are having big issues with SQL Injection. At this time British Telecom (bt.com) was the target company (see more info at here). [...]

]]> By: hack http://blog.rstcenter.com/2009/03/10/sql-injection-in-bt-dot-com-episode-1/comment-page-1/#comment-1481 hack Tue, 10 Mar 2009 10:53:31 +0000 http://blog.rstcenter.com/?p=1523#comment-1481 Perfect !! a good :) Perfect !! a good :)

]]> By: Brugner http://blog.rstcenter.com/2009/03/10/sql-injection-in-bt-dot-com-episode-1/comment-page-1/#comment-1480 Brugner Tue, 10 Mar 2009 10:37:29 +0000 http://blog.rstcenter.com/?p=1523#comment-1480 ...but you also have a point here.. fuck them …but you also have a point here.. fuck them

]]> By: 2fingers http://blog.rstcenter.com/2009/03/10/sql-injection-in-bt-dot-com-episode-1/comment-page-1/#comment-1473 2fingers Tue, 10 Mar 2009 09:54:18 +0000 http://blog.rstcenter.com/?p=1523#comment-1473 De cateva zile nimeni nu a catadicsit sa elimine vulnerabilitatea sau sa ne raspunda la mailuri. Nu cred ca cineva care ar vrea sa aiba acces la intreaga baza de date va astepta sa se trezeasca adminul la realitate. De cateva zile nimeni nu a catadicsit sa elimine vulnerabilitatea sau sa ne raspunda la mailuri. Nu cred ca cineva care ar vrea sa aiba acces la intreaga baza de date va astepta sa se trezeasca adminul la realitate.

]]> By: Brugner http://blog.rstcenter.com/2009/03/10/sql-injection-in-bt-dot-com-episode-1/comment-page-1/#comment-1472 Brugner Tue, 10 Mar 2009 09:28:52 +0000 http://blog.rstcenter.com/?p=1523#comment-1472 Dude this is not nice: "confirming full inband sql injection on parameter" mai trebuia asteptat... Dude this is not nice: “confirming full inband sql injection on parameter” mai trebuia asteptat…

]]> By: Tudor http://blog.rstcenter.com/2009/03/10/sql-injection-in-bt-dot-com-episode-1/comment-page-1/#comment-1466 Tudor Tue, 10 Mar 2009 08:44:54 +0000 http://blog.rstcenter.com/?p=1523#comment-1466 Sa inteleg ca linkul afectat este: www.myoffers.bt.com/terms.asp?id= Sa inteleg ca linkul afectat este: http://www.myoffers.bt.com/terms.asp?id=

]]> By: unu http://blog.rstcenter.com/2009/03/10/sql-injection-in-bt-dot-com-episode-1/comment-page-1/#comment-1462 unu Tue, 10 Mar 2009 07:23:01 +0000 http://blog.rstcenter.com/?p=1523#comment-1462 pentru ca i-am anuntat de cel putin 3 ori, cu fff multe zile inainte si nici macar nu ne-au raspuns, da' sa mai remedieze problema. pentru ca i-am anuntat de cel putin 3 ori, cu fff multe zile inainte si nici macar nu ne-au raspuns, da’ sa mai remedieze problema.

]]> By: paul http://blog.rstcenter.com/2009/03/10/sql-injection-in-bt-dot-com-episode-1/comment-page-1/#comment-1461 paul Tue, 10 Mar 2009 07:16:35 +0000 http://blog.rstcenter.com/?p=1523#comment-1461 de ce faceti disclosure inainte ca problema sa fie remediata? e usor pe oricine sa faca o cautare de genul: http://www.google.ro/search?q=bt+broadband+my+offers+terms+site:bt.com+inurl:id%3D&btnG=Căutare&meta= de ce faceti disclosure inainte ca problema sa fie remediata?
e usor pe oricine sa faca o cautare de genul:

http://www.google.ro/search?q=bt+broadband+my+offers+terms+site:bt.com+inurl:id%3D&btnG=Căutare&meta=

]]>