PlanetCreator has reported another Critical XSS Vulnerability in Thanyawzin – Myanmar Online Friends Community http://www.thanyawzin.com/

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.

This issue is critical and has been reported to the webmaster.

These are some screenshots from the vulnerable site:

fake page

We hope that your security staff will look into this issue and fix it as soon as possible.
