Panama Papers: Hacker claims SQL injection vulnerability

Discussion in 'Cyber' started by Pathfinder, Apr 16, 2016.

Share This Page

  1. Pathfinder

    Pathfinder Lieutenant Colonel

    Joined:
    Dec 17, 2015
    Messages:
    1,406
    Likes Received:
    2,434
    Location:
    United-States
    Panama Papers: Hacker claims SQL injection vulnerability found in Mossack Fonseca server

    _89063523_panama_index_draft2.jpg
    A hacker, who runs the Twitter handle 1x0123, has claimed to have discovered an SQL injection vulnerability in one of the servers of Panamanian law firm Mossack Fonseca. The firm is currently facing an investigation following the leakage of more than 11 million secret documents called the Panama Papers.

    The hacker found the SQL bug recently on the custom online payment system of Mossack Fonseca called Orion House and put some of the configuration data from the server inside a Paste.ee file. He tweeted saying, "They updated the new payment CMS, but forgot to lock the directory /onion/ here is a config file found inside the directory /onion/orion-config.php."


    read more here:
    http://www.ibtimes.co.uk/panama-pap...rability-found-mossack-fonseca-server-1554559
     
Loading...