PlanetCreator has reported another critical MySQL Injection (vulnerability) on www.mymasjid.net.my

This vulnerability has been alerted to :- Webmaster : [email protected]

Applications: ———— PlanetCreator’s_Universal_Advanced_Internet_Securi ty_T00L
System Time: ———— (UTC+08:00) Kuala Lumpur, Singapore, 2/01/2010 10:01:56 PM
Host IP: 202.75.48.131
Web Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.8
Powered-by: PHP/5.2.8
Current User: myjodoh_rule@localhost
Sql Version: 5.0.87-community
Current DB: myjodoh_mymasjid
System User: myjodoh_rule@localhost
Host Name: server1.myjodoh.net

Data Bases: information_schema
—————– myjodoh_abuheakal
—————–myjodoh_dbwiki
—————– myjodoh_doc
—————– myjodoh_list
—————– myjodoh_myjodoh
—————– myjodoh_mymasjid
—————– myjodoh_ostt1
—————– myjodoh_trans
—————– myjodoh_wikidb
—————– myjodoh_wrdp2

Tables found:

markers,tbact,tbacttemplate,tbart,tbbab,tbcountry,tbforum,tbhadith,tbhadithrs,tbkitab,tbkuliah,tbloc,tblocation,tbmasjidcor,tbmsg,tbpenceramah,tbprofile,tbquran,tbsolat,tbstate,tbsurah,tbtarikh,tbunsub,useronline

In this case, Attacker (Hacker) can easy to retrieve all user and webmaster’s info and password from Database. Yes! there have more than 30,000 (Thirty Thousand) user’s account, mail, password, info

This is screen shot

Myjodoh

PlanetCreator

Explore More

Critical SQL Injection in The Venerable Mahasi Sayadaw’s Website

PlanetCreator has reported another critical SQL Injection (vulnerability) on The Venerable Mahasi Sayadaw’s Website http://www.mahasi.org.mm SQL injection is a code injection technique that exploits a security vulnerability occurring in the

Wireless hack tools 2008

Hi Here is wireless hack tools 2008 http://rapidshare.com/files/12390847...z_2008_AIO.rarhttp://rs166.rapidshare.com/files/12...z_2008_AIO.rar

Critical SQL Injection in mail4U is a production of Bagan Cybertech

PlanetCreator has reported another critical SQL Injection (vulnerability) on mail4U is a production of Bagan Cybertech http://www.mail4u.com.mm/ SQL injection is a code injection technique that exploits a security vulnerability occurring