PlanetCreator.Net’s Security Team member zai22 reported another critical SQL injection (vulnerability) on Dhamma Web http://www.dhammaweb.net

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.

informed to :- webmaster

Info-

Error Link - http://www.dhammaweb.net/Sayadaw/view.php?id=432
Domain - http://www.dhammaweb.net
Database - dhamma_photo
Version - 4.0.30-max-log <== ( it's not serious vul coz of 4.0.30 version )
User - [email protected]
Column = 18 columns

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

How to send fake emails from any email address

Firstly this isnt my tutorial and i just found it on the net so please dont say that i stole someone elses tutorial. And I dont know if someone has

Cyber Forensics Workshop in Myanmar

I’m here to invite all of my cyber warriors! My friend U Aung Zaw Myint, Principal of M.S.T Computer Center , EC-Council’s Asia Pacific Academia Partner in Myanmar is going

What are the security holes in the Basic Authentication scheme?

The Basic Authentication scheme uses the username and password and encrypts the password using base64 encoding. In spite of this, there are still many security holes in the Basic Authentication