PlanetCreator reported another critical SQL injection (vulnerability) on Myanmar Climate Change Watch http://www.tunlwin.com/

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.

informed to :- [email protected]

tbluser
tblnews_en
tblnews
tbldownload_en
tbldownload
tblcategory_en
tblcategory
tblattachment_en
tblattachment

If you want to see detail of this vulnerability Click Here (Note :- Registered Member Only- If you are not PlanetCreator.Net Member Sign up Here)

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Joomla Administrator Login BruteForcer for v1.0 and v1.5

#!/usr/bin/python# Joomla Administrator Login BruteForcer for v1.0 and v1.5 # Feel free to do whatever you want with this code!# Share the c0de! # Darkc0de Team # www.darkc0de.com # rsauron[at]gmail[dot]com

Read More

Shell via LFI

>>>>>>>>>>>>>>> Shell via LFI – proc/self/environ method <<<<<<<<<<<<<<< >>>>>>>>>>>>>>> Author : SirGod <<<<<<<<<<<<<<< >>>>>>>>>>>>>>> www.insecurity-ro.org <<<<<<<<<<<<<<< >>>>>>>>>>>>>>> www.h4cky0u.org <<<<<<<<<<<<<<< >>>>>>>>>>>>>>> [email protected] <<<<<<<<<<<<<<< 1 – Introduction 2 – Finding LFI 3

Read More

Timing Attacks with HTML5

HTML 5 and related technologies bring a whole slew of new features to web browsers, some of which can be a threat to security and privacy. This paper describes a

Read More