Few days ago Sec Indi Security Team exposed a Cross-site request forgery (CSRF) vulnerability in wikileaks website. Again they have found SQL-i on the official website of New York State Senate. Earlier this group have also detected SQL-i vulnerability on the official website of US Senate, also they have hacked the Admin panel of famous Indian website click India. The vulnerability on the NY State Senate is still UN-patched. According to the hackers group - an attack can easily misuse this security flaws and can gain illegal access on the database of the NY Sate Senate.
Proof Of Concept :- http://www.nysenate.gov/committee/administrative_regulations_review_commission_%28arrc%29/updates/feed?type=%27legislation
Posts
