PlanetCreator.Net’s Security Team member zai22 reported another critical SQL injection (vulnerability) on Dhamma Web http://www.dhammaweb.net

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.

informed to :- webmaster

Info-

Error Link - http://www.dhammaweb.net/Sayadaw/view.php?id=432
Domain - http://www.dhammaweb.net
Database - dhamma_photo
Version - 4.0.30-max-log <== ( it's not serious vul coz of 4.0.30 version )
User - [email protected]
Column = 18 columns

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Wake up Adobe; we love your Flash player but not Trojans

Virus developers are taking advantage of the enormous popularity of the Adobe flash player and creating fake Adobe Flash player which installs Trojan horse designed to steal password and personal

Read More

Tips and Tricks about Gmail

While Web-based email is nothing new, Gmail introduces some new and unique concepts. Managing email has become very easy while at the same time having powerful tools to find and

Read More

Critical SQL Injection in Myanmar Teleport – Myanmar Internet Service Provider (formerly known as BaganNet)

PlanetCreator has reported another critical SQL Injection (vulnerability) on Myanmar Teleport – Myanmar Internet Service Provider (formerly known as BaganNet) http://www.myantel.net.mm/ SQL injection is a code injection technique that exploits

Read More