PlanetCreator has reported another critical SQL Injection (vulnerability) on Myanmar Teleport – Myanmar Internet Service Provider (formerly known as BaganNet) http://www.myantel.net.mm/

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.

This vulnerability has been alerted to :- [email protected]

Ephoto_Category
Edu_School
Edu_Registration
Edu_Message
dtproperties
DOWNLOADS
DOWNLOAD_RATE
DOWNLOAD_CATEGORY
DIRECTORY
D99_Tmp
D99_REG
D99_CMD
cvform
COUNTRY
CONTACT_US
confirm
COMPANY
CLUB_NOTICE
CLUB_MEMBER
CLUB_FREEBOARD
CLUB_DOWNLOADS
CLUB_CATEGORY
CLUB
Classified_Item
Classified_Category
CHAT_USER
CHAT_ROOM
CHAT_CATEGORY
career_company
CALENDAR_EVENTS
BgSpecial
bgFTW
BaganVote
bagan
badstringlog_1
badstringlog
BAD_WORDS
AVATAR
asean_vote
asean_user
asean_profile
Asean
Artist_Photo
Artist_Bio
ARTIST
APPLICANT_WORK
APPLICANT_PROFICIENCY
APPLICANT_OTHERQC
APPLICANT_EDUCATION
APPLICANT
appform
apoidea
Album_Vote
Album_Picture
Album_News
Album_new
Album_Members
Album_LeftVote
Album_Entry
Album_Center
Album_Category
Album
Admin_Log
accLogs
tbl_PoemSend

If you want to see detail of this vulnerability Click Here (Note :- Registered Member Only- If you are not PlanetCreator.Net Member Sign up Here)

We hope that your security staff will look into this issue and fix it as soon as possible.