Malaysia Government DBKL Web Vulnerability (2nd)

Home / Hacking, News, Security / Malaysia Government DBKL Web Vulnerability (2nd)

February 12, 2010 PlanetCreator 0 Comments 0 tags

PlanetCreator has reported Critical XSS vulnerability on Official Portal of Kuala Lumpur, Malaysia Web Site,

http://www.planetcreator.net/2009/09/criti…aysia-web-site/

and

http://www.xssed.com/mirror/64058/

but nobody takes action ~~~ How come?

Hello, DBKLâ€™s Staffs! Are you just looking for your license fees? (Yeah- I paid 300RM for my company and 100RM for your Teh Tarik (Coffe` Fees), cos if you donâ€™t pay money to DBKL, you wonâ€™t get license as wellâ€¦

) â€¦

Donâ€™t just going to around and finding some funds for urself, come up and check out ur web! Many Hackers are watching .Gov websites!â€¦.

This is second time!

Applications: â€”â€”â€”â€” PlanetCreatorâ€™s_Universal_Advanced_Internet_Security_T00L
System Time: â€”â€”â€”â€” (UTC+08:00) Kuala Lumpur, Singapore, 1/30/2010 11:01:56 PM
Microsoft SQL Server 2000 â€“ 8.00.2050 (Intel X86) Mar 7 2008 21:29:56 Copyright Â© 1988-2003 Microsoft Corporation
Enterprise Edition on Windows NT 5.2 (Build 3790: Service Pack 2)

Databases: master
â€”â€”â€”â€”tempdb
â€”â€”â€”â€”model
â€”â€”â€”â€”msdb
â€”â€”â€”â€”pubs
â€”â€”â€”â€”Northwind
â€”â€”â€”â€”DBKL
â€”â€”â€”â€”penjaja
â€”â€”â€”â€”dbkl_test
â€”â€”â€”â€”dbkl_datakeyin
â€”â€”â€”â€”lesendmg

This is your Tables & Columns

Download Tables & Columns ! http://www.planetcreator.net/images/mmso/dbkl.txt

We hope that their security staff will look into this issue and fix it as soon as possible.

Explore More

LFI Scanner By GlaDiaT0R

#!/usr/bin/perl #LFI Scanner By GlaDiaT0R #My Mail: the_gl4di4t0r[AT]hotmail[DOT]com #Home Page: DarkGh0st.Com #Greetz To Boomrang_victim, Marwen_Neo & All Tunisian Hackers #www.darkgh0st.net #www.tunisian-power.net More Info http://www.planetcreator.net/planetcreator/perls.php?id=37

Double Your Defense with a Double Firewall

If you have a home network router, your computer and other computers on the network (such as your spouseâ€™s laptop and your childrenâ€™s computer) are protected from the outside world.

Security Alert to www.mtv.co.kr, MySQL Injection

Hi, http://www.mtv.co.kr Webmaster This is PlanetCreatorâ€™s Security Te@am & Hackers Group, PlanetCreator has reported Critical SQL Injection vulnerability on http://www.mtv.co.kr/ Website. Informed to [email protected] Some of your Webâ€™s Data Information

[webapps] FreeBSD rtsold 15.x - Remote Code Execution via DNSSL
on December 25, 2025 at 12:00 am
FreeBSD rtsold 15.x - Remote Code Execution via DNSSL
[webapps] Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie
on December 25, 2025 at 12:00 am
Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie
[webapps] WordPress Quiz Maker 6.7.0.56 - SQL Injection
on December 25, 2025 at 12:00 am
WordPress Quiz Maker 6.7.0.56 - SQL Injection
[webapps] esm-dev 136 - Path Traversal
on December 16, 2025 at 12:00 am
esm-dev 136 - Path Traversal
[webapps] Summar Employee Portal 3.98.0 - Authenticated SQL Injection
on December 16, 2025 at 12:00 am
Summar Employee Portal 3.98.0 - Authenticated SQL Injection