PlanetCreator.Net’s Security Team member zai22 reported another critical SQL injection (vulnerability) on Dhamma Web http://www.dhammaweb.net

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.

informed to :- webmaster

Info-

Error Link - http://www.dhammaweb.net/Sayadaw/view.php?id=432
Domain - http://www.dhammaweb.net
Database - dhamma_photo
Version - 4.0.30-max-log <== ( it's not serious vul coz of 4.0.30 version )
User - [email protected]
Column = 18 columns

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

What is “Clickjacking“? The latest Adobe Flash clipboard hijack attack

A new Web attacks is now in the wild. It’s named clickjacking – as discussed at the OWASP NYC AppSec 2008 Conference. Clickjacking is actually clipboard hijacking by adobe flash

Critical SQL Injection in People Magazine

PlanetCreator has reported another critical SQL Injection (vulnerability) on  People Magazine Online Website http://www.people.com.mm Powered by Inforithm-Maze. SQL injection is a code injection technique that exploits a security vulnerability occurring

Common Scams

* Password Cracking Password cracking is a common way to retrieve a password by repeatedly trying to guess for the password. The most common method of password cracking is guessing