@QuisterTow tweeted earlier that he has breached the Electrical and computer engineering subdomain of the University Of Miami (ece.miami.edu). The vulnarbility was in a test index “testindex.php” and was vulnerable to SQL injection.
In the tweet he including a Pastebin link with database names and table names of one of the databases.
Databases [+] bme cascm coediag db406973105 db_transfer directory donors eaborgserver eaborgusers ece engineering_faculty -------[current database] engineering_research excel information_schema mysql preg_test registration test
Table names of the database “engineering_faculty”
Blank BlankIds PBMPRB PBMPRBC PBMPRM PJRJAERCP PJRJAERJA POWPAP monthrep repmonth search tb_department tb_employee_type tb_experience tb_experience_details tb_faculty tb_faculty_education tb_faculty_experience tb_faculty_goals tb_faculty_intr tb_faculty_professional tb_faculty_publication tb_faculty_security_question tb_faculty_service tb_faculty_teaching tb_faculty_wsycv tb_higher_education tb_interest_link tb_month tb_permission tb_professional tb_professional_details tb_publication tb_publication_details tb_security_question tb_service tb_staff tb_teaching tb_teaching_details tb_user_and_passw test usersdata view_faculty_publication