Malaysia mymasjid.net.my’s Web Vulnerability, MySQL Injection

Home / Hacking, News, Security / Malaysia mymasjid.net.my’s Web Vulnerability, MySQL Injection

February 2, 2010 PlanetCreator 0 Comments 0 tags

PlanetCreator has reported another critical MySQL Injection (vulnerability) on www.mymasjid.net.my

This vulnerability has been alerted to :- Webmaster : [email protected]

Applications: â€”â€”â€”â€” PlanetCreatorâ€™s_Universal_Advanced_Internet_Securi ty_T00L
System Time: â€”â€”â€”â€” (UTC+08:00) Kuala Lumpur, Singapore, 2/01/2010 10:01:56 PM
Host IP: 202.75.48.131
Web Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.8
Powered-by: PHP/5.2.8
Current User: myjodoh_rule@localhost
Sql Version: 5.0.87-community
Current DB: myjodoh_mymasjid
System User: myjodoh_rule@localhost
Host Name: server1.myjodoh.net

Data Bases: information_schema
—————– myjodoh_abuheakal
—————–myjodoh_dbwiki
—————– myjodoh_doc
—————– myjodoh_list
—————– myjodoh_myjodoh
—————– myjodoh_mymasjid
—————– myjodoh_ostt1
—————– myjodoh_trans
—————– myjodoh_wikidb
—————– myjodoh_wrdp2

Tables found:

markers,tbact,tbacttemplate,tbart,tbbab,tbcountry,tbforum,tbhadith,tbhadithrs,tbkitab,tbkuliah,tbloc,tblocation,tbmasjidcor,tbmsg,tbpenceramah,tbprofile,tbquran,tbsolat,tbstate,tbsurah,tbtarikh,tbunsub,useronline

In this case, Attacker (Hacker) can easy to retrieve all user and webmaster’s info and password from Database. Yes! there have more than 30,000 (Thirty Thousand) user’s account, mail, password, info

This is screen shot

Myjodoh

PlanetCreator

Explore More

Zlob hacker writes love letter to Microsoft

Here’s a new way to get Microsoft to pay attention to you: slip a brief message into the malicious Trojan horse program you just wrote. That’s what an unnamed Russian

Critical SQL Injection in Red Link

PlanetCreator has reported another critical SQL Injection (vulnerability) on Red Link http://www.redlink.net.mm/ SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of

Critical XSS Vulnerability in Ministry of Information & Broadcasting http://www.ddindia.gov.in

PlanetCreator.Net’s Security Team Member has reported another critical XSS vulnerability on Ministry of Information & Broadcasting http://www.ddindia.gov.in These are some information from Vulnerability Site http://www.ddindia.gov.in: This vulnerability has been alerted

[webapps] FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution
on February 4, 2026 at 12:00 am
FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution
[local] Docker Desktop 4.44.3 - Unauthenticated API Exposure
on February 4, 2026 at 12:00 am
Docker Desktop 4.44.3 - Unauthenticated API Exposure
[webapps] aiohttp 3.9.1 - directory traversal PoC
on February 4, 2026 at 12:00 am
aiohttp 3.9.1 - directory traversal PoC
[remote] Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE
on February 4, 2026 at 12:00 am
Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE
[webapps] OctoPrint 1.11.2 - File Upload
on February 4, 2026 at 12:00 am
OctoPrint 1.11.2 - File Upload