PlanetCreator has reported another Critical XSS Vulnerability in Thanyawzin – Myanmar Online Friends Community http://www.thanyawzin.com/

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.

This is critical and reported to webmaster.

These are some screenshots from vul site:

fake page

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Is your IP Leaking? Find out here

The first link shows your IP.http://www.whatismyip.com/This site will show more information like your town…http://www.geobytes.com/IpLocator.htm?GetLocationIf you pass this test your Proxys / Programs are doing their job…https://grc.com/x/ne.dll?bh0bkyd2 Privacy Check – checks

What are the various methods of passive OS fingerprinting?

In passive OS fingerprinting, an attacker installs a sniffer on any third party such as a router on which the victim communicates frequently. Now he studies the sniffer’s log and

Understanding /etc/passwd and /etc/shadow

Q. Can you explain /etc/passwd file format for Linux and UNIX operating systems? A. /etc/passwd file stores essential information, which is required during login i.e. user account information. /etc/passwd is