Panama Papers: Hacker claims SQL injection vulnerability

Discussion in 'Cyber' started by Pathfinder, Apr 16, 2016.

Share This Page

  1. Pathfinder

    Pathfinder Lieutenant Colonel

    Dec 17, 2015
    Likes Received:
    Panama Papers: Hacker claims SQL injection vulnerability found in Mossack Fonseca server

    A hacker, who runs the Twitter handle 1x0123, has claimed to have discovered an SQL injection vulnerability in one of the servers of Panamanian law firm Mossack Fonseca. The firm is currently facing an investigation following the leakage of more than 11 million secret documents called the Panama Papers.

    The hacker found the SQL bug recently on the custom online payment system of Mossack Fonseca called Orion House and put some of the configuration data from the server inside a file. He tweeted saying, "They updated the new payment CMS, but forgot to lock the directory /onion/ here is a config file found inside the directory /onion/orion-config.php."

    read more here: