One of the Algerian Banks , Crédit populaire d'Algérie (CPA) Bank is found to be vulnerable to SQL Injection vulnerability. This critical vulnerability was discovered by a Grey-hat Tunisian Hacker "Human Mind Cracker" who usually targets Bank and Government sites.
In an email sent to EHN, the hacker provided the vulnerable link of the site(cpa-bank.dz).
" I reported to them the vulnerability before I hack into the database,2 days without reply or anything...After that I find that the email that they put it in the website for contact is INVALID mail.So I get into the database." The hacker said.
In a paste(heypasteit.com/clip/0NLX) , hacker dumped the compromised data to prove the severity level of vulnerability. It contains Username , passwords ,Email addresses, Phone number, Fax and Location.
