PlanetCreator.Net’s Security Team member zai22 reported another critical SQL injection (vulnerability) on Dhamma Web http://www.dhammaweb.net

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.

informed to :- webmaster

Info-

Error Link - http://www.dhammaweb.net/Sayadaw/view.php?id=432
Domain - http://www.dhammaweb.net
Database - dhamma_photo
Version - 4.0.30-max-log <== ( it's not serious vul coz of 4.0.30 version )
User - [email protected]
Column = 18 columns

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

How To Bypass Ownership Permission

Conditions: ————– 777 Directory What Is This: ————– You Uploaded Shell With With “NoBody” Permission Let’s Say You Browse To Another Folder Which Is 777 But All Files Are 755

Waledac, the Geo-Targeted Malware

Malware authors are using IP tracking methods to deliver the latest variant of malware. It’s reported that the malware Waledec sends localized news to the victims using GeoIP technologies. The

Twitter accounts hacked : Barack Obama, Britney etc on the list

According to twitter, a micro blogging site, 33 twitter accounts were compromised and false and inappropriate messages were posted online. Hacked accounts include prominent twitter sources like President-elect Barack Obama,