Cyber Threat Intelligence – Alerts

July 26, 2016

http://www.aiou.edu.pk – sql vulnerability

Allama Iqbal Open University website : http://www.aiou.edu.pk/All_Dept_List.asp?dt=1 (GET) vuln type : sql injection submitted by : Waqas Haider Poc : Parameter: dt (GET) Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: dt=1;WAITFOR DELAY '0:0:5'– […]
July 26, 2016

www.hu.edu.pk – Sql Vulnerability

website : www.hu.edu.pk/oldwebsitehu/webtest/view_deg_prog.php?id=1 Vuln type : Sql Injection Submitted by : Waqas Haider POC : Vuln-Parameter: id (GET) Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind Payload: id=1 AND SLEEP(5) Title: Generic […]
May 16, 2016

Pakistan FO to seek ISI help against cyber attacks

  The decision comes after Foreign Office (FO) systems have faced three major attacks by hackers over the past 18 months. Islamabad: Pakistan Foreign Office has decided to rope in the country’s top spy agency […]
May 16, 2016

pcb.com.pk – XSS vulnerability

  pcb.com.pk Pakistan Cricket Board (PCB) Official Website. The Pakistan Cricket Board (PCB) is the central industry for cricket in Pakistan which deals with all the concerned matters of Pakistan cricket and International cricket. 22 […]
May 16, 2016

propakistani.pk – XSS vulnerability

  ProPakistani.pk – Latest Technology News and Startups Information. First appeared on May 5th, 2008, ProPakistani is largely known for publishing exclusive and top notch content relating to local telecom and broadband industry.   13 […]
May 8, 2016

https://www.24hours.pk – XSS Vulnerability

  Website : https://www.24hours.pk Bug : Reflected XSS ( Cross site scripting) Submitted By  : Haq Khokhar ( https://twitter.com/Abdulhaqkhokhar ) Location/ URL  :   https://www.24hours.pk/deals/search Vulnerable Field : Search bar Steps to Reproduce : 1)Goto : https://www.24hours.pk and select […]
April 13, 2016

Controversial Cyber Crime Bill approved by NA

Controversial Cyber Crime Bill Pakistan approved by NA The controversial Prevention of Electronic Crimes Bill 2015 was approved in the National Assembly (NA) on Wednesday. The bill must be approved by Senate before it can […]
April 11, 2016

Cyber Alert eduvision.edu.pk – XSS Vulnerability

Cyber Alert eduvision.edu.pk – XSS Vulnerability   EduVision-A project of ease foundation. Eduvision is Pakistan’s largest educational Information website offering Program Finder, Admission Updates, My College, MY Career, On-line counselling and Merit calculators. 11 April, […]