Back in 2007, the partner event registration page of the Microsoft UK events website has been defaced by a hacker who managed to discover and exploit a web application vulnerability in one of the parameters used by the form on the website.
Read more in this article about how an SQL injection vulnerability, server-side enabled error messages, and non-filtered parameters lead to a successful attack.
Get the latest content on web security
in your inbox each week.