Back in 2007, the partner event registration page of the Microsoft UK events website has been defaced by a hacker who managed to discover and exploit a web application vulnerability in one of the parameters used by the form on the website.

Read more in this article about how an sql injection vulnerability, server side enabled error messages and non filtered parameters lead to a successful attack.

SHARE THIS POST
THE AUTHOR
Acunetix

Acunetix developers and tech agents regularly contribute to the blog. All the Acunetix developers come with years of experience in the web security sphere.