PlanetCreator.Net’s Security Team Member has reported another critical SQL Injection (vulnerability) on The New Era Journal http://khitpyaing.org/
These are some information from Vulneral Site http://khitpyaing.org/ :

his vulnerability has been alerted to webmaster

Table

kp_category,kp_comment,kp_news,kp_user,view_count

Columns

edit_id,id,sort_index,text,show_home,parent,parent_id,show_tab,approved,id, news_id,name,email,title,text,type,approved,id,news_title,intro,news_body,keyword, author,news_date,category_id,show_home,top,approved,image,view_count,type,id, name,pwd,email,approved,level,id,news_id,view_count

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Malaysia Government DBKL Web Vulnerability (2nd)

PlanetCreator has reported Critical XSS vulnerability on Official Portal of Kuala Lumpur, Malaysia Web Site, http://www.planetcreator.net/2009/09/criti…aysia-web-site/ and http://www.xssed.com/mirror/64058/ but nobody takes action ~~~ How come? Hello, DBKL’s Staffs! Are you

Read More

Distributed Denial of Service (DDoS) Attacks

Demystifying Denial-Of-Service attacks, part one By Abhishek Singh, CISSP This paper provides an introduction to Denial of Service (DoS) attacks, their methodologies, common prevention techniques, and how they differ from

Read More

Critical SQL Injection in Red Link

PlanetCreator has reported another critical SQL Injection (vulnerability) on Red Link http://www.redlink.net.mm/ SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of

Read More