PlanetCreator.Net’s Security Team Member has reported another critical SQL Injection (vulnerability) on The New Era Journal http://khitpyaing.org/
These are some information from Vulneral Site http://khitpyaing.org/ :

his vulnerability has been alerted to webmaster

Table

kp_category,kp_comment,kp_news,kp_user,view_count

Columns

edit_id,id,sort_index,text,show_home,parent,parent_id,show_tab,approved,id, news_id,name,email,title,text,type,approved,id,news_title,intro,news_body,keyword, author,news_date,category_id,show_home,top,approved,image,view_count,type,id, name,pwd,email,approved,level,id,news_id,view_count

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Extensive SQL Injection Tutorial

( This is one of the most extensive and most usefull tutorials about this subject I’ve seen read this and you’ll be sure to get a beter understanding! ) TABLE

Read More

The Internet or Cyber Laws

Internet is a behemoth, cutting across physical country boundaries and accessible to anyone and everyone from any corner of the world. Precisely due to this pervading nature, Internet is not

Read More

Non-persistent XSS vulnerabilities Sam’s Whois

Sam’s Whois is a free php class with supporting scripts which make adding a domain name whois lookup to your website incredibly simple. Main Features * All major tlds supported

Read More