PlanetCreator reported another critical SQL injection (vulnerability) on Myanmar Climate Change Watch http://www.tunlwin.com/

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.

informed to :- [email protected]

tbluser
tblnews_en
tblnews
tbldownload_en
tbldownload
tblcategory_en
tblcategory
tblattachment_en
tblattachment

If you want to see detail of this vulnerability Click Here (Note :- Registered Member Only- If you are not PlanetCreator.Net Member Sign up Here)

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Hacking Your Computer – Physical Access is Total Access

Hacking Your Computer – Physical Access is Total Access Table of Contents -Disclaimer -Introduction Part 1: Gaining Access -LiveCDs -Windows Option 1: Cracking the Password -Windows Option 2: Circumventing the

Read More

Non-persistent XSS vulnerabilities Sam’s Whois

Sam’s Whois is a free php class with supporting scripts which make adding a domain name whois lookup to your website incredibly simple. Main Features * All major tlds supported

Read More

Expert Tips for Keeping Google Hacks at Bay

The first step for protecting yourself from something is knowing how that something works. In the case of Google hacking, you will have to learn how it can be used

Read More