NU.EDU.PK is UnSecure
Well few days ago ,i found a vulnerability in Lums.Edu.Pk ,I have notify the Dept of Lums but still no action has been taken to secure it.
http://www.nu.edu.pk/campusStaff.aspx?camp=i
http://www.nu.edu.pk/campusStaff.aspx?camp=k
I hope they secure there website as soon as possible.
Today i am pentesting NU.EDU.PK and Found MSSQL INJECTION VULNERABILITY in FAST NATIONAL UNIVERSITY.
Here are the vulner links.http://www.nu.edu.pk/campusStaff.aspx?camp=i
http://www.nu.edu.pk/campusStaff.aspx?camp=k
I hope they secure there website as soon as possible.
| TABLE NAMES | |
| NUSITE_COURSE_GROUP | |
| FAN_Employmentinfo | |
| DLS | |
| STAFF_UNIT | |
| conv_graduates | |
| STAFF_TITLE | |
| F_TEMP | |
| STAFF_DESIGNATION | |
| STAFF_LOCATION | |
| STAFF_DEPARTMENT | |
| STAFF_DEPT_HEAD | |
| RADIX_ResultsSpring2008 | |
| NUSITE_NEWS | |
| RSRusers | |
| RSRscriptstatus | |
| RSRscript | |
| RSRcampus | |
| RADIX_ResultsFALL2007 | |
| NUSITE_FEEDBACK | |
| NUSITE_GROUP_COURSES__ | |
| FAN_ForumTopic | |
| FAN_Graduateinfo | |
| Query$ | |
| NUSITE_DVP | |
| NUSITE_NEWS_070427 | |
| STAFF_PERSONAL | |
| NUSITE_scholarshipType | |
| TeamsTemp | |
| FAN_medals | |
| Depts | |
| FAN_Degree | |
| tempTable | |
| FAN_ConvGuestsinfo | |
| NUSITE_ScholarshipTitle | |
| NUSITE_GROUP_COURSES | |
| NUSITE_COURSE__ | |
| NUSITE_COURSETEMP8-04-10 | |
| FAN_MedalHolders | |
| RADIX_Results_Fall09 | |
| RADIX_Campus | |
| OSP_StudyCenters | |
| OSP_MeritList | |
| OSP_Candidates | |
| FAN_AlumnusStatus | |
| FAN_admin | campusid adminPassword adminLogin adminid |
| Radix2010_Users | |
| NUTES_Results | |
| Radix2010_User | UserName UserId Password Name Email Email |
| NUTES_Preference | |
| FAN_NEWS | |
| Radix2010_Comments | |
| NUTES_Personal | |
| Radix2010_Documents | |
| NUTES_GradResults | |
| FAN_Message | |
| NUTES_MeritList | |
| FAN_FEEDBACK | |
| NUTES_GradMeritList | |
| NUTES_GradDisciplineChoice | |
| Sheet1$ | |
| FAN_ContactType | |
| NUTES_DisciplineChoice | |
| NUTES_Discipline | |
| FAN_Contact | |
| NUTES_Campus | |
| FAN_Campus | |
| FAN_Personalinfo | |
| NUSITE_USERS | |
| NUSITE_PRE_REQUISITE | |
| NUSITE_OPENHOUSE | |
| FAN_Registration | |
| FAN_AlumnusPersonal | |
| FAN_ViewAccess | |
| NUSITE_GRAD_LIST | |
| NUSITE_DVP_210710 | |
| FAN_SalaryRange | |
| NATRES_GradMarks1Aug | |
| TESTING | |
| FAN_MessagesStatus | |
| NATRES_UGMarksbckup23 | |
| RADIX_Results_july72010 | |
| FAN_MessageValidity | |
| NATRES_GradMarksbck23 | |
| RADIX_Results12june2010 | |
| NATRES_UGMarks | |
| RADIX_Results | |
| FAN_GraduationYear | |
| NATRES_GradMarks | |
| NUSITE_COURSE | |
| hitcounter | |
| DLS_Year | |
| FAN_Favourite | |
| DLS_Student | |
| FAN_FASTStudy | |
| NATRES_GradMerit | |
| DLS_Semnum | |
| FAN_FASTStudyLevel | |
| DLS_SemesterDegree | |
| FAN_Education | |
| NATRES_Degrees | |
| DLS_Semester | |
| NATRES_Campus | |
| DLS_DegreeLevel | |
| FAN_ForumResponse | |
| DLS_Degree | |
| RADIX_ResultsFall2008 | |
| DLS_Campus | |
| FAN_Batch | |
| NUSITE_ENEWS | |
| OpenHouse | |
| FAN_jobresume | |
| FAN_ConvocationReg | |
| FAN_ConvGuestsinfoBfore3Dec08 | |
| NU_CAMPUS | |
| FAN_ConvocationRegBfore3Dec08 | |
| JobFair | |
| NUSITE_ScholarshipStudents | |
| Grad_List | |
| NUSITE_COURSE_ | |
| dtproperties | |
| NUSITE_NEWS17Aug07 |
Posts
Post a Comment