
Reckz0r identified POST SQL Injection vulnerability in Twitter

The hacker Reckz0r, who recently breached the CNN website, has identified a POST-based SQL injection vulnerability in the Twitter support page.

The 'Referrer' parameter in the api_general form located at support.twitter.com is vulnerable to SQLi.

Although the vulnerability allows a hacker to extract confidential data from Twitter, the hacker did not engage in any malicious activity because he does not want his account to get suspended.

The screenshot provided by the hacker:



"Vulnerability lies in http://support.twitter.com/forms/submitted?regarding=api_general - You see, there might be dozens of vulnerabilities lying in support.twitter.com. We can inject hidden boxes in this kind of atmosphere," the hacker said.