MySQL.com Database Hacked via SQL Injection


Recommended Posts

MySQL.com Database Hacked via SQL Injection

Hackers have compromised the database of MySQL.com, as well as the French, German, Italian, Japanese and other localized versions of the website, ironically by exploiting an SQL injection vulnerability.

A hacker calling himself Jackh4xo took credit for the compromise by reporting it on the popular Full Disclosure mailing list. The report included information about the vulnerable parameter, a list of tables from several databases and a list of database users with hashed passwords.

Soon afterwards, Romanian hacker TinKode published a more complete report on his blog claiming that it was he and a friend who discovered the vulnerability a few months ago and that it wasn't supposed to be made public.

"In this morning our friend Jackh4x0r decided to make public a vulnerability in MySQL.com. It’s about an parameter vulnerable to SQL Injection, what we (TinKode & Ne0h) had found with few months ago [sic.]," the hacker writes.

More on this topic - http://news.softpedia.com/news/MySQL-com-Database-Hacked-via-SQL-Injection-191635.shtml

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...