PlanetCreator has reported another critical SQL Injection (vulnerability) on Perfect Magazine : Myanmar Fashion, Entertainment, News, Wrtitings and Asrology for all myanmar people http://www.perfectmagazineonline.com

This vulnerability has been alerted to :- [email protected]

Applications: ———— PlanetCreator’s_Universal_Advanced_Internet_Security_T00L
System Time: ———— (UTC+08:00) Yangoon, Myanmar , 18/09/2010 03:20:20 AM
Host IP: 65.163.13.219
Database: perfectmm

Some Tables are as follow :
pf_team
pf_successnotes
pf_style
pf_story
pf_sayings
pf_remark
pf_poem
pf_person
pf_perfect_news
pf_month_list
pf_mmstory
pf_mm_month
pf_member
pf_member
pf_letterbox
pf_joke
pf_intstory
pf_horoscope
pf_health
pf_global_news
pf_entertainment_news
pf_daylist
pf_coverstory
pf_contents
pf_challenge
pf_beauty
pf_article
pf_advertising
pf_adv_type
pf_adminaccount

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

How to “become” a google bot

What you’ll need: Firefox, The Modify Headers extension for firefox. What you can do: Many sites allow google to look into their forums, in order to get more traffic by

Read More

Investigate Google’s Gmail, Docs and other products: EPIC Petitions to FTC

Electronic Privacy Information Center (EPIC) a privacy group based in Washington, D.C filed a petition to Federal trade commission to investigate the Google’s cloud computing offerings. They asked FTC to

Read More

Tracking Down A BotNet

This will not be very long, nor will I go into excessive amounts of detail into the tools and steps required. The purpose of this paper is simply to help

Read More