Hi, http://www.mtv.co.kr Webmaster

This is PlanetCreator’s Security Te@am & Hackers Group, PlanetCreator has reported Critical SQL Injection vulnerability on http://www.mtv.co.kr/ Website.

Informed to [email protected]

Some of your Web’s Data Information are as follow,

Applications: ———- PlanetCreator’s_Universal_Advanced_Internet_Security_T00L
System Time: ———(UTC+08:00) Kuala Lumpur, Singapore, 03/01/2010 5:56:19 AM
Host IP:    222.122.55.12
Web Server:     Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.10 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8g
Powered-by:     PHP/5.2.4-2ubuntu5.10
DB Server:    MySQL >=5
Current User:     [email protected]
Sql Version:     5.0.51a-3ubuntu5.4-log
System User:     [email protected]
Host Name:     db2.mtv.co.kr
DB User & Pass:     root:*4FEDAB890B33E3C8EC621AAB518FCF66A17E2E9D:localhost
root:*4FEDAB890B37E3C8EC621AAB513FCF66A17E2E9D:db2.mtv.co.kr
root:*4FEDAB890B37E3C8EC621AAB513FCF66A17E2E9D:127.0.0.1
::localhost
::db2.mtv.co.kr
debian-sys-maint:*B639BCB9EA2DD94A3EC75B54325E7AA378615812:localhost
mtvkor:*4FEDAB890B37E3C8EC621AA3518FCF66A17E2E9D:%
mtvkor:*4FEDAB890B37E3C8EC621AA3518FCF66A17E2E9D:localhost
mtv2:*4FEDAB890B37E3C8EC621AAB538FCF66A17E2E9D:%
Data Bases:     information_schema
bestawards2008
chart
dev4
events
linkbak
lost+found
mtv4
mtvbb
mtvlog
mtvn_sms
mysql
newsletter_view
poll
test
vmak2009

Note: some db passwords have changed 4 security reason!
We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

[Paper XSS] Vulnerabilities in Common Shockwave Flash Files

SummaryCritical vulnerabilities exist in a large number of widely used web authoring tools that automatically generate Shockwave Flash (SWF) files, such as Adobe (r) Dreamweaver (r), Abobe Contribute (r), Adobe

A Perfect Keyword Rich Webpage

How to create a perfect keyword rich web page? We tried many ways to create one. Here is the Part 1 of our experiments with SEO (Search engine optimization techniques).

ZoneAlarm Using ”Scareware” to Sell Firewall

ZoneAlarm’s developer is using scareware tactics to force free-version clients into purchasing the full suite. Firewall developer Check Point Software Technologies has come under fire from consumers using the free