PlanetCreator‘s Security Team Researcher Infofreakzzz reported another Critical SQL injection (vulnerability) on Myanmar Calendar URL : http://www.myanmarcalendar.org/

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.

informed to :- webmaster

If you want to see detail of this vulnerability Click Here (Note :- Registered Member Only- If you are not PlanetCreator.Net Member Sign up Here)

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

How does the form-based authentication scheme work?

The form-based authentication scheme works in the following manner: * A client generates a request for a protected resource (e.g. a transaction details page). * The Internet Information Server (IIS)

Selection of tools to automate an attack SQL Injection

sqlmap (http://sqlmap.sourceforge.net/) Full support: MySQL, Oracle, PostgreSQL and Microsoft SQL Server. Partially supported: Microsoft Access, DB2, Informix, Sybase and Interbase. SQL Power Injector (http://www.sqlpowerinjector.com/) Implemented support for: Microsoft SQL Server,

Critical SQL Injection and XSS Vulnerability in Myanmar Engineering Society

PlanetCreator has reported another critical SQL Injection (vulnerability) on Myanmar Engineering Society Website http://www.mes.org.mm SQL injection is a code injection technique that exploits a security vulnerability occurring in the database