MRTV4 SQL Injection

PlanetCreator reported another Critical Blind SQL injection (vulnerability) on MRTV4 (Myanmar) URL : http://www.mrtv4.net.mm/

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.

MRTV4 Blind SQL Injection
MRTV4 Blind SQL Injection

informed to :- webmaster

If you want to see detail of this vulnerability Click Here (Note :- Registered Member Only- If you are not PlanetCreator.Net Member Sign up Here)

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Google Stuff

Querying for vulnerable sites or servers using Google’s advance syntaxes Using “Index of ” syntax to find sites enabled with Index browsing A webserver with Index browsing enabled means anyone

Read More

What are the countermeasures against database attacks?

The following are the countermeasures against database attacks: * Input Sanitization: The Database Administrator must sanitize any input received from a user. The data submitted should be checked for data

Read More

What is DNS hijacking?

DNS hijacking is the process of altering the name server records and redirecting the users to a bogus website. As everyone knows every domain name depends on its name server

Read More