PlanetCreator.Net’s Security Team member zai22 reported another critical SQL injection (vulnerability) on Dhamma Web http://www.dhammaweb.net

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.

informed to :- webmaster

Info-

Error Link - http://www.dhammaweb.net/Sayadaw/view.php?id=432
Domain - http://www.dhammaweb.net
Database - dhamma_photo
Version - 4.0.30-max-log <== ( it's not serious vul coz of 4.0.30 version )
User - [email protected]
Column = 18 columns

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

ModSecurity

ModSecurity is a web application firewall (WAF). With over 70% of attacks now carried out over the web application level, organisations need all the help they can get in making

Read More

Malaysia mymasjid.net.my’s Web Vulnerability, MySQL Injection

PlanetCreator has reported another critical MySQL Injection (vulnerability) on www.mymasjid.net.my This vulnerability has been alerted to :- Webmaster : [email protected] Applications: ———— PlanetCreator’s_Universal_Advanced_Internet_Securi ty_T00L System Time: ———— (UTC+08:00) Kuala Lumpur,

Read More

Single-line attack infects thousands of Web sites

Thousands of Web sites have fallen victim to an attack using just one line of code that maliciously re-directs browsers via Javascript to servers that are hosting a variety of

Read More