Indianapolis Super Bowl 2012 Site Vulnerable to Attacks

SHARE: Adjust text size:
- Indianapolis Super Bowl 2012 website
Alexander Fuchs, one of the researchers of the Vulnerability Lab, identified two high severity SQL Injection flaws on the official website of the Indianapolis Super Bowl 2012 (indianapolissuperbowl.com). Estimated as being critical risk vulnerabilities, they could allow an attacker to execute SQL commands via a remote SQL injection. The security hole was reported to the site’s administrators on the day of the big game, the issue being taken care of sometime between then and February 10, when the weakness was publicly disclosed. The presence of the vulnerability was a cause for concern because, even though the game passed, there were a lot of Internet users that still visited the site, turning them all into potential victims in case a cybercriminal spotted the flaw and decided to take advantage of it. Add me on Google+
FILED UNDER: vulnerability super bowl SQLI

TELL US WHAT YOU THINK:

632 hits · 2 comments · Link to this article · Print article · Send to friend · Subscribe to news

Comment #1 by: Orunu on 11 Feb 2012, 01:16 UTC	reply to this comment
lol not only was this vuln disclosed on the day of the game someone hacked and defaced it aswell on that day.

Comment #1.1 by: Alex on 21 Feb 2012, 22:28 GMT

Hey, yes i know. An other hacker leaked data on pastebin before i could report the vulnerability. bad luck.

SUBMIT PROGRAM \| ADVERTISE \| GET HELP \| SEND US FEEDBACK \| RSS FEEDS \| UPDATE YOUR SOFTWARE \| ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved. Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.	Copyright Information \| Privacy Policy \| Terms of Use