Unrestricted File Upload @ Web-Based Teaching System Myanmar

Critical Unrestricted File Upload vulnerability found @ Web-Based Teaching System (Myanmar) URL : http://www.wbts.com.mm Malicious Attacker can upload some file to server without permission ! And It has persistent XSS vulnerability. Cross Site Scripting is a client-side attack where an attacker can craft a malicious link, containing script- code which is then executed within the […]

Hacked Information and Proof of Concept @ PlanetCreator.net

“Hacking” In this category, We’re going to post Hacker’s proof-of-concept. Unless you know how to hack, you can not defend yourself from hackers. We’ll know how hack hacks and how they got hacked. So, share your hacked info as following and email to theplanetcreator<-at->gmail.com < Your Nick Name > < Proof-of-Concept > Note: No PoC, […]

Myanmar Hacker Groups Hacked Bangladesh Sites

Hacker groups from Myanmar ..:: [email protected]@r H4ck3rs Unite4m / Myanmar Cyber Army / Blink Hacker Group / Myanmar Cracking Team / Team Destroyer Army ::..  hacked 20 bangladesh web sites yesterday and posted at their official site http://www.blinkhackergroup.org as follow, You may hack one of Myanmar site (which server is weak, got many time hacked […]

Critical persistent xss vulnerabilities at IPAY : Myanmar Online payment Official Site

This evening, I found a fascinated  big bill board “IPAY” http://www.ipay.com.mm at Thamine Junction, Yangon, Myanmar. Then, I said my friend “googl3group” about it, and said  “NO XSS, NO SQL Injection, NO RFI, NO LFI”! … Yeah, NO DATABASE too! he said… LOL… After a few minutes, “googl3group” send me a link to check XSS […]

Critical SQL injection (vulnerability) in Wati’s Official Website URL : http://www.wationline.com/

PlanetCreator reported another Critical SQL injection (vulnerability) on Wati’s Official Website URL : http://www.wationline.com/ SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or […]