PlanetCreator.Net’s Security Team member $@T0R! reported another critical SQL injection (vulnerability) on Myanmar Online Advertisement URL : http://www.myanmaradv.com/

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.

informed to :- webmaster

SQL

http://www.myanmaradv.com/index.php?page=pv&from=user&id=5

If you want to see detail of this vulnerability Click Here (Note :- Registered Member Only- If you are not PlanetCreator.Net Member Sign up Here)

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

fimap v.0.9 released

fimap is a little python tool which can find, prepare, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps. fimap should be something like

Javascript Injection

JavaScript Injection Overview JavaScript is a widely used technology within websites and web based applications. JavaScript can be used for all sorts of useful things and functions. But along with

Infection via HTML

Edit the code on what and how you need it, and yes this is detectable  in many cases, but you could insert a small FUD downloader to be  downloaded via