Scrolling through the Chrome newsfeed, I came across a story by ‘YourStory’ about ExpertRight.
YourStory had covered ExpertRight and given some info about this startup from Rajasthan, India.
ExpertRight is a platform to hire freelancers for short-term work.
This seemed interesting, though nothing very new, so I checked out their site…
The site was good too, and then something happened!
As I was surfing the freelancers page, I clicked on a freelancer’s profile to check some info, and there I found out that the URL was in the ‘.php?id=’ format.
If you know even some basics about pentesting, you know this can lead to an SQL Injection…
So I tested the site & found that it was indeed vulnerable to SQL Injection Attacks!
I registered on the site & then downloaded all the entries from the ‘users’ table in their database (backend MySQL) & I did find my info.
I straight away fired a tweet (screenshot below) to Ayush Goyal (ExpertRight) about this and we talked about it.
Of course, it being a new startup, I was requested to pull that tweet, which I did (screenshot below).
But as you can see, the vulnerability was disclosed in January 2020 and it still isn’t fixed, so I decided to shoot a post about it.
If you are one of those who are actually using the platform, I’d just say to be careful until they fix the vulnerability.