PlanetCreator had reported OUM’s XSS Vulnerability

http://www.planetcreator.net/2009/11/critical-xss-vulnerability-on-open-university-malaysia/

But nobody cares. How come they all wanna do like this so shit! Where is OUM’s Webmaster? Sleeping @ Camp?

Yeah, Hello OUM’s Webmaster!!! Let me remind you again that your website has an MsSQL vulnerability! Don’t you believe it, or don’t you know that?

Let me show you some hints!!!!

http://www.oum.edu.my

State @ne – started—-

Applications: ———— PlanetCreator’s_Universal_Advanced_Internet_Security_T00L
System Time: ———— (UTC+08:00) Kuala Lumpur, Singapore, 1/30/2010 11:01:56 PM
IP Address: ————202.76.239.80
Web Server: Apache/2.2.9 (Unix) DAV/2 mod_ssl/2.2.9 OpenSSL/0.9.8h PHP/5.2.6 mod_apreq2-20051231/2.6.0 mod_perl/2.0.4 Perl/v5.10.0
Host Name: oumdev
Installation dir: /opt/lampp/
DB_User & Pass: root::localhost
————root::linux
————::localhost
————::linux
———— pma::localhost
Databases: information_schema
———— cdcol
————granada
————kliuc_alumni
————mysql
————oumdev
————phpmyadmin
————sv_ajodl
————sv_kliucdb
———— sv_oum
————sv_oumdb
————sv_oumportal_db
————sv_oumportal_db_1609
————test

State tw0 – started


State thr33 – started
DB_Table_Name **** DB_Columns

We hope that their security staff will look into this issue and fix it as soon as possible.

State – End

PlanetCreator
