`Hey,
this is my first time that i report a vulnerability to a mailing list.
The problem on the Akiva Webboard is, that you can login as
Administrator with admin'-- (SQL Injection) and if you go to the
adminprofil you can see the Adminpasswort in the HTML code.
The current version is 9. I do only know this issue and verified it with
the UN DESA ( /Department of Economic and Social Affairs) webboard 8.x /
http://esaconf.un.org/WB/Default.asp?LogIn=yes&action=7
<http://esaconf.un.org/WB/Default.asp?LogIn=yes&action=7>.
I post this to the hacker news (he retweeted it) and some guys added
"hacked by" in the signature... :|
As usual i cant contact the right person on UN to fix this issue. What
do you think about it?
Kind regards,
Alexander Fuchs
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation