Critical SQL Injection in GK Power System (Myanmar)
Critical SQL Injection in GK Power System (Myanmar)

PlanetCreator reported another Critical SQL injection (vulnerability) on GK Power System (Myanmar) URL : http://www.gkmyanmar.com/ SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements […]

Continue reading »
#RefRef – Denial of Service ( DDoS ) Tool Developed by Anonymous

Anonymous is developing a new DDoS tool which is said to exploit SQL vulnerabilities to support the group’s future campaigns. So far, what they have is something that is platform neutral, leveraging JavaScript and vulnerabilities within SQL to create a devastating impact on the targeted website. Previously, Low Orbit Ion Canon (LOIC) was the go […]

Continue reading »
Critical SQL Injection in All About Myanmar
Critical SQL Injection in All About Myanmar

PlanetCreator reported another Critical SQL injection (vulnerability) on All About Myanmar (Beta) URL : http://www.allaboutmyanmar.com/ SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements […]

Continue reading »
Clickjacking technique called “content extraction”
Clickjacking technique called “content extraction”

Cookiejacking is a UI redressing attack that allows an attacker to hijack his victim’s cookies without any XSS. Clickjacking attacks have been widely adopted by attackers worldwide on popular websites (eg Facebook) in order to perform some drive to download attacks,click forging, message sending and so on. In previous works on the same matter, new […]

Continue reading »
fimap v.0.9 released
fimap v.0.9 released

fimap is a little python tool which can find, prepare, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps. fimap should be something like sqlmap just for LFI/RFI bugs instead of sql injection. It’s currently under heavy development but it’s usable. The goal of fimap is to improve the […]

Continue reading »