Critical SQL Injection in mail4U is a production of Bagan Cybertech

Home / Hacking, News, Security / Critical SQL Injection in mail4U is a production of Bagan Cybertech

September 22, 2010 PlanetCreator 0 Comments 0 tags

PlanetCreator has reported another critical SQL Injection (vulnerability) on mail4U is a production of Bagan Cybertech http://www.mail4u.com.mm/

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.

This vulnerability has been alerted to :- [email protected]

NEWS_LETTER30042004
NEWS_LETTER29062004
NEWS_LETTER28052004
NEWS_LETTER112004
NEWS_LETTER102004
NEWS_LETTER092004
NEWS_LETTER082004
NEWS_LETTER072004bk
NEWS_LETTER072004
NEWS_LETTER
Month
MK_Stock
MK_Shop
MK_Logo
MK_Category
Merchant_info
Merchant
MDYFOC
MailExtension
MailAccount
Mail4u_Gift
luckyitem3
luckyitem1
luckyitem
LuckyDrawbefore
LuckyDraw3
luckydraw2
LuckyDraw1
luckydraw
lucky_result
lucky_item
location
Jointable
IPTOCOUNTRY
InfoPage
ID_Generator
horoscope
GroupRelation
dtproperties
Department
Cybercafe
CONTACT_US
Category
CashAccType
CashAccount(old)
CashAccount
caluser
calentry
BlackList
BatchNo
auctionuser
auctionentry
Auction_star
AucCategory
Applicant
advertising
Adv_Stock
AdminUser
AccType
AccountHistory
accLogs
CashHistory

If you want to see detail of this vulnerability Click Here (Note :- Registered Member Only- If you are not PlanetCreator.Net Member Sign up Here)

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Best Server Security Configuration

Best Server Security Configuration. Summary 1) Upgrade Apache/PHP, MySQL, OpenSSH, OpenSSL, cP/WHM etc2) cP/WHM Configuration3) SSH Access4) Mod_Security5) Firewall6) DDoS Protection7) Rootkit8) PHP Configuration9) Other10)The End Author: QKrun1x 1) Upgrade

What Is a Hacker?

Hacker is one of those terms that has a different meaning depending on who uses it. Among programmers, to be a hacker is to be a star. Hackers are programming

Download NetWitness Investigator Software

Download NetWitness Investigator Software Release Date: 11/17/2008 Version: 8.6.4.9 File Size: 31.6MB Download #1 (USA) Fastest | Download #2 (USA) Fast NetWitnessÂ® Investigator is the award-winning interactive threat analysis application

[webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
on November 15, 2024 at 12:00 am
SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
[webapps] reNgine 2.2.0 - Command Injection (Authenticated)
on October 1, 2024 at 12:00 am
reNgine 2.2.0 - Command Injection (Authenticated)
[webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
on October 1, 2024 at 12:00 am
dizqueTV 1.5.3 - Remote Code Execution (RCE)
[webapps] openSIS 9.1 - SQLi (Authenticated)
on October 1, 2024 at 12:00 am
openSIS 9.1 - SQLi (Authenticated)
[dos] Windows TCP/IP - RCE Checker and Denial of Service
on August 28, 2024 at 12:00 am
Windows TCP/IP - RCE Checker and Denial of Service