PlanetCreator has reported another critical SQL Injection (vulnerability) on National Library, Ministry of Culture Website http://www.nlm.gov.mm/

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.

This vulnerability has been alerted to :- [email protected]

If you want to see detail of this vulnerability Click Here (Note :- Registered Member Only- If you are not PlanetCreator.Net Member Sign up Here)

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

SQL Injection Attacks and Prevent

Introduction Security in software applications is an ever more important topic. In this article, I discuss various aspects of SQL Injection attacks, what to look for in your code, and

Read More

Detecting and Preventing Social Engineering and other Hacking Processes

Social engineering attacks are growing fast, and today majority of attackers use social engineering techniques to infiltrate into a victim’s network. It is very difficult for a technician to identify

Read More

Online Services

Gathering information: (set) http://www.subnetonline.com/ (set) http://ping.eu/ (ping, dns_tools, traceroute, web_tools) http://serversniff.net/ (DIG / nslookup, whois, traceroute) http://networking.ringofsaturn.com/Tools/ (whois, dns_tools, service_scan, traceroute) http://centralops.net/co/DomainDossier.aspx (whois, dns_tools, domain_search) http://www.whois.ws/ (whois, dns_tools) http://www.robtex.com/ (whois)

Read More