Back in 2007, the partner event registration page of the Microsoft UK events website has been defaced by a hacker who managed to discover and exploit a web application vulnerability in one of the parameters used by the form on the website.
Read more in this article about how an sql injection vulnerability, server side enabled error messages and non filtered parameters lead to a successful attack.
Get the latest content on web security
in your inbox each week.