PlanetCreator.Net’s Security Team Member has reported another critical SQL Injection (vulnerability) on The New Era Journal http://khitpyaing.org/
These are some information from Vulneral Site http://khitpyaing.org/ :

his vulnerability has been alerted to webmaster

Table

kp_category,kp_comment,kp_news,kp_user,view_count

Columns

edit_id,id,sort_index,text,show_home,parent,parent_id,show_tab,approved,id, news_id,name,email,title,text,type,approved,id,news_title,intro,news_body,keyword, author,news_date,category_id,show_home,top,approved,image,view_count,type,id, name,pwd,email,approved,level,id,news_id,view_count

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Stealth, dangerous and still un-armed!

W.32Downadup.C, the third variant of the Conficker virus is more aggressive and trying to be stealth by disabling the security software installed on the machine. The new variant is focusing

Read More

How To Bypass Ownership Permission

Conditions: ————– 777 Directory What Is This: ————– You Uploaded Shell With With “NoBody” Permission Let’s Say You Browse To Another Folder Which Is 777 But All Files Are 755

Read More

XSS Shell

This script in asp permettedi executing of the commandos taking advantage of a bug of the XSSper greater info you can see the video: Code: http://ferruh.mavituna.com/xssshell/demo/ and the shell: Code:

Read More