Search This Blog

Powered by Blogger.

Blog Archive

Labels

Teleton Colombia database hacked by LulzSec Argentina

LulzSec Argentina hacktivist dumped database by exploiting SQL injection vulnerability in Teleton.org.co

LulzSec Argentina hacktivist has managed to identify multiple security flaws in the Teleton Colombia website(www.teleton.org.co) -   fundraising event broadcast on television.

The hacker managed to exploit the SQL Injection vulnerability in the website and extracted the database.  He dumped the database in a paste (pastebin.com/hY4ibzmn).

The leak contains personal information including names, date of birth, email addresses, usernames.

The hacker leaked the admin user id and password(plain-text) in one of the tweet posted in his official twitter account.

He also identified a Non-persistent Cross site scripting vulnerability in the Teleton.org.co. POC Code :
teleton.org.co/buscar/articulo/?texto=1<ScRiPt >prompt(910244)</ScRiPt>
Share it:

Anonymous Hacker

Database hacked

Database Leaked

hacker news

IT Security News

LulzSec Argentina