IeDb Team Deface The University of Mazandaran Website

Bad coding and security has been exposed on the University of Mazandaran website by a member of IeDb -Iranian Exploiting Database Team- to allow a defacement of the site.
The hacker MR.M030 has discovered that the ITShomal CMS webpage login at http://nahad.umz.ac.ir/cms/admin/login.asp is vulnerable and has added HTML as shown below.

The source code shows that MR.M030 appears to have re-used the code as “Hacked by black-security” is mentioned and the image for the defacement is served from http://s9.picofile.com/file/8269503134/iedb_def_.png

This is not very good for the reputation of the University of Mazandaran but the defacement is also very basic by MR.M030

The defacement link is here

Leave a Reply

Your email address will not be published. Required fields are marked *