7 matches found
International Islamic University Chittagong: Admin access on http://119.18.148.140/iiuc/ through leaked credentials
The researcher was able to access admin panel using admin credential that leaked as a plain text through error message...
International Islamic University Chittagong: Improper error handler
during the analysis it was found that when we submit the form and try to upload a txt file then it show a error page with internal path disclosure...
International Islamic University Chittagong: #2 Full Path Disclosure on http://119.18.148.140/iiuc/login/logining
This researcher able to bypass our fix on full path disclosure on login page...
International Islamic University Chittagong: SQL injection in http://119.18.148.140/hrd/js/makeemployeeid.php
Hello, The mentioned page takes at least two GET parameters, namely q and departmentname. The two parameters are vulnerable to SQL injection as both are placed into SQL query strings without proper sanitization. It seems like the PHP script uses the affected parameters into two SQL queries, since...
International Islamic University Chittagong: Default credentials on http://119.18.148.140/hrd/
Hello, When the mentioned URL is opened, the user is presented with a login form that logs them into the "HR & Payroll" system of the university. The issue here is that the credentials used are the application's default credentials, which are mentioned here...
International Islamic University Chittagong: Email HTML Injection and Possible Stored Cross-Site Scripting in ieeeiiucsb.org
Hello International Islamic University Chittagong I found a Email HTML Injection in ieeeiiucsb.org Summary: add summary of the vulnerability This attack can be use to create a phishing email using your email app Steps To Reproduce: 1. Go to https://ieeeiiucsb.org/registration/ 2. Choose any event...
Unfixed XSS vulnerability at www.islamicuniversity.nl
Security researcher Denven, has submitted on 23/09/2008 a cross-site-scripting XSS vulnerability affecting www.islamicuniversity.nl, which at the time of submission ranked 2872504 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/10/2008. It i...