A security researcher that goes by the Twitter name @WilyXem, a pen-tester from Spain. Earlier we posted a false claim, which was just a SQL error, not necessarily a SQL injection vulnerability.
@WilyXem notified us and then found a real vulnerability within one of Harvard’s sub domain.
You can view the Tweet announcing the exploit below:
http://t.co/YPktfuRQ – Subdomain SQL Injected by WilyXem. http://t.co/VFQipGT8 @Zer0Security @ehackingnews @Softpedia @securityninja
— WilyXem (@WilyXem) January 30, 2013