NASA Forum Vulnerable SQL Injection

NASA Forum Vulnerable SQL Injection

TeaMp0isoN Hackers crew today Reveal on twitter that the discussion forum on NASA website athttps://worldwind35.arc.nasa.gov/forum/ is Vulnerable to SQL injection. The discussion Forum script is Powered by Vbulletin. According to hacker, He use Vbulletin 4.0.x => 4.1.3 (messagegroupid) SQL injection Vulnerability Exploit for hacking the Database of Forum . Hacker also expose the Login details of Admin of website on Pastie .