PlanetCreator.Net’s Security Team member zai22 reported another critical SQL injection (vulnerability) on Dhamma Web http://www.dhammaweb.net

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.

informed to :- webmaster

Info-

Error Link - http://www.dhammaweb.net/Sayadaw/view.php?id=432
Domain - http://www.dhammaweb.net
Database - dhamma_photo
Version - 4.0.30-max-log <== ( it's not serious vul coz of 4.0.30 version )
User - [email protected]
Column = 18 columns

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Knowledge is power against hacker schemes

Most IT managers neglect to tell users how to avoid falling prey to the dangerous hacker technique of social engineering. Here’s what you need to know. In the past, social

Read More

Web threats to surpass e-mail pests

E-mail has traditionally been the top means of attack, with messages laden with Trojan horses and other malicious programs hitting inboxes. But the balance is about to tip as cybercrooks

Read More

China’s ‘Green Dam-Youth Escort’ Software

Green Dam Youth Escort is the censor ware developed and distributed by Chinese government to filter ‘harmful’ content. Here are some details about the working of the software. ‘Green Dam-Youth

Read More