DNR Website Vulnerable!

One of many government websites that are vulnerable to hacking is http://www.dnr.gov.mv/ which is the official website for Department of National Registration. I found out that this site can be defaced. No! I have no intentions in defacing the website. My sole intention is to make sure our government websites are secure. You don't believe me? Ok, I will reveal a less harmful vulnerability.To see for yourself checkout this link. Its an XSS vulnerability. Someone can use this website to fool users and do malicious activity! I urge the responsible authorities to fix the vulnerabilities as soon as possible.

Let me tell you one more website which is highly vulnerable and easy to deface. Its a social website running on a free CMS called joomla. This site is prone to SQL injection and XSS attacks. Test a harmless XSS attack by replacing the cookie variable with 1>"><script%20%0a%0d>alert('XSS Vulnerable')%3B</script>. The website url is http://dhifuraavaru.com/. Note: some modern browsers detect XSS attacks and remove the suspicious scripts from the rendered page.


Post a Comment

Do you have an opinion? Feel free to express your views!