PlanetCreator has reported another Critical XSS Vulnerability in Thanyawzin – Myanmar Online Friends Community http://www.thanyawzin.com/

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.

This is critical and reported to webmaster.

These are some screenshots from vul site:

fake page

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Hackers return fire at security patches

Hackers have hit back against major security patches issued by the likes of Microsoft, with a marked rise in self-installing robot programs that allow an unauthorised user to control a

Read More

Infection via HTML

Edit the code on what and how you need it, and yes this is detectable  in many cases, but you could insert a small FUD downloader to be  downloaded via

Read More

LDAP Injection Vulnerabilities

LDAP Injection Overview LDAP Injection attacks are not as common as the other types of injection attacks, but if your product uses an LDAP server this must be tested. An

Read More